Stickers, Eclipses and Lighthouses [#35]

Today is a day for another round-up of interesting pieces from across the web. Nothing too special, but hopefully a little intriguing.

First up is Google Lighthouse, one of the many branches of the Alphabet behemoth and a pretty interesting little project. I haven’t actually managed to get it up and running, but I’ll definitely be trying it out on theAdhocracy some time soon (and probably weeping at the result). I don’t need to test it, though, to see it will be a very useful tool in battling the increasingly problematic issue of internet lag.

Second is the article which led me to Lighthouse in the first place: AMPersan, by Ethan Marcotte. Not much to add to this one, just another voice adding weight to my uneasiness with the idea of AMP and similar projects. Well worth a read if you’re interested in the open web.

In third place is a collection of ‘achievement’ stickers doing the rounds of the blogosphere right now. Originally designed by Jeremy Nguyen, published on The New Yorker and personally discovered via TheLogoSmith, the stickers are a humorous look at the pitfalls of being self employed. They’re specifically designed for freelance designers, but I feel a lot of them are applicable across disciplines. If you work from home, you’ll probably find yourself smiling and nodding.

Fourth on the list is a simple article from Martian Craft outlining “The Importance of Routine“. The post is aimed at remote works and is far from news to me, but it is a well written example of how to apply this kind of thinking. I’m saving it here more to try and force myself into setting something like this up for my own free time.

Finally, I was blown away by the “Lifetime Eclipse Predictor” visualisation created for The Washington Post (discovered via Source). In the wake of the recent total eclipse in the US, along with reading various posts on the rarity of such events, I’ve been left with a real urge to try and make sure at my path eventually coincides with a path of totality. It is a ridiculously awesome coincidence that our moon’s diameter and planet’s solar distance align so accurately. I mean, even if there are other life-hosting planets out there, we’re certainly one of an incredibly small number that can witness this phenomenon. That makes it practically a responsibility to see a total eclipse, at least once.

That Anti-Diversity Googler & Self Introspection [#31]

Standard workday, standard work lunch catching up on RSS feeds. Of course, quite a few of them are discussing the leaked “Anti-Diversity” manifesto from the, now infamous, ex-Google employee (name forgotten and ultimately unimportant). It’s been an interesting view into a very specific bubble of the tech sphere, but one which has helped elucidate the issue, if only a little.

Of particular note is the response from Adactio, which is easily understood by the title of the piece: “Intolerable“. I will hold my hand up right now and say that I find the whole issue a lot more complex than Jeremy Keith outlines, but I cannot argue with his conclusion. Nor can I argue with the incredibly diverse and well-written sources he links to, each of which is definitely worth a read.

That becomes particularly true if you’re anything like me: someone whose gut instinct was “this is utterly wrong”, but who found themselves wondering if, beneath the anger, fear and sexism, a valid point was lurking. Having now read through the links (linked below) I feel a little more confident in my gut reaction, which is a nice feeling.

Just to clarify my use of the phrase “valid point”, it is not valid that one gender is in any way better or worse at being involved in the tech sector (or any sector, for that matter). Instead, it’s more of an issue of how we go about addressing the very real disparities between both job prospects and job uptake by any dissuaded minority group (and yes, women are not a literal minority, but they are in tech due to centuries of discrimination, so I feel it a valid term within context). I have a personal distaste for anything that borders on “positive discrimination”. All it creates, long term, is embitterment and injustice, in my opinion. However, having read the links below I feel a lot more at ease that the diversity programmes at Google and similar companies are not going down this route, instead focusing on making the workplace a more attractive environment for everybody. That’s something I can get behind.

If there is one element of Keith’s article that I will find fault with, it’s the blanket tone of dismissal. I understand where he’s coming from and it’s a tricky thing to call out, because it’s an opinion I find myself feeling towards other subjects. I simply don’t feel the world is ever black and white enough to make a statement like:

I refuse to debate this. Does that make me inflexible? Yep, sure does.

But, hypocritically, I also find myself agreeing with the directly following statement:

But, y’know, not everything is worthy of debate. When the very premise of the discussion is harmful, all appeals to impartiality ring hollow.

As an example, earlier this week the BBC came under fire for featuring Lord Lawson on a program about climate science. The argument for his presence is that it provides “the other side of the debate” and that the BBC have a mandate to be as impartial as possible. The issue with their reasoning is that it implies there is a debate to be had. In terms of scientific consensus, the degree to which man-made climate change is refuted is utterly negligible. The debate has been settled for decades and continuing to present it in any other way is directly harmful. It is akin, though less instantly vitriolic, to claiming that the BBC needs to include a Holocaust denier in documentaries on WWII. Yes, there are some people out there who believe that the vast majority of historians are wrong, but no organisation in their right-mind would claim that there is an actual debate soliciting both sides being heard.

Perhaps, then, it is I who is wrong on the Anti-Diversity Manifesto. Perhaps Keith is right and any discussion of non-diversity is, by its nature, only destructive and harmful because that debate, too, has been settled. Still, I can’t help but feel that claiming so and shouting it so loudly only serves to reinforce the opinions of dissenters. It’s hypocritical of me, but I don’t feel that shutting down people with these opinions is the right course of action. Perhaps, in time, that will change. For now, I’m just happy to see that the discussion being had is largely positive.

Reading List:

A Brief History of Women in Computing – Faruk Ates

So About This Googlers Manifesto – Yonatan Zunger

Dissecting the Google Employees Anti-Diversity Manifesto – Ether Alali

Accio Deathly Hallows

10 years ago today the Harry Potter series came to a close. With the publishing of The Deathly Hallows a large part of my, and many others, childhood came to an end. I find it strange that a decade has passed since, but probably for different reasons.

Whilst I was eager to read The Deathly Hallows when it first came out, I have to admit that the Potter franchise had lost its lustre for me. I grew up alongside the release dates, but as they stretched out over the last three books my own ageing overtook the target audience. By the close of the series I still counted myself a fan, but my life revolved far more around the likes of Lord of the Rings, Pratchett’s Discworld and authors like David Gemmell.

But the release of The Deathly Hallows does mark a pretty big event in my life, though I wouldn’t realise it for another three (!) years. Several days before the book was officially released, a little known channel on YouTube uploaded what would become a viral, fan-favourite and Harry Potter inspired song: Accio Deathly Hallows. The musician was Hank Green; the channel was “Brotherhood 2.0”, the fledgling website that would evolve into the Vlogbrothers. Whilst Hank and his brother John have become far better known for other reasons, ranging from writing The Fault in Our Stars (John) to creating VidCon (Hank), that song was what changed their experiment on YouTube into a community. Both brothers have pointed to Accio Deathly Hallows as a pivot point, the first time either had considered that their involvement in YouTube was more than just a one-year deal. The popularity it gave them on the platform ultimately changed both of their careers and, arguably, the face of both YouTube and the web in general.

That, for me, is the far bigger anniversary today. The Vlogbrothers, their content and their outlook on life have been a hugely impactful and important part of my life as I left home, went to University and officially began to “adult”. They remain one of my most watched YouTube channels, a huge inspiration and a brilliant example to the world of how to be humans. Whilst it feels like Harry Potter ended years ago (which I guess it did), the idea that the Vlogbrothers have been vlogging for over a decade is equal parts encouraging and terrifying. Forget Accio Deathly Hallows, I’m more interested in Accio DFTBA.

Security All The Way Down [#26]

Source, one of the many blogs I follow, has recently had a themed content week focusing on security. For their main readership this means security for the newsroom, security for the journalist, but their articles are both fascinating and widely applicable. It may seem a bit ridiculous but the reality is: everyone is a target. Yes, a journalist is more likely to be specifically targeted, because they have access to unique and often-times damaging material, but literally every single person has something that is valuable to someone else.

Maybe it’s money in the form of online bank accounts, crypto wallets or card-verified e-commerce sites like Amazon. Maybe it’s social media accounts, valuable for gathering personal identifiers that can be sold en masse for identity theft purposes or even to be used as part of modern botnets, spreading viruses and further compromises. Maybe it’s compromising personal information, images you wouldn’t want widely distributed or conversations you’d rather pay to keep out of the public eye. Maybe it’s just the thrill of seeing how far you can go, what you can uncover.

It’s unlikely that you would be directly targeted, but it’s actually fairly likely that you will be targeted at some point. It’s happened to me. A few years ago I received a message from my bank querying a large sum purchase made with a debit card that I hadn’t used in years. I freaked out a little, contacted them and had the transaction cancelled; once the bank had assured me that no further charges would occur I calmed down and started trying to piece together how the hell someone had managed to skim a card that had been out of circulation for years.

The answer, as is so often the case, was the combination of forgotten accounts, common passwords and third party security breaches. Exactly which chain of interconnecting services led to this particular attempt at fraud is impossible to prove, but here’s my best guess. Back when I was heavily active on League of Legends they had a mass server breach, with hundreds of thousands of accounts compromised. The parties involved made off with data tables of passwords, account names and associated email addresses; no credit card details, but enough personal information to be seriously damaging. My account name was unique and the associated email address had a different password, so I figured I was safe. I was wrong. Someone, somewhere, managed to link my username to an old email account, which used that same password (Error #1). They accessed that email account without my knowing (Error #2 – setup two-step authentication!) and from their likely downloaded my entire email history (Error #3 – if you don’t need it right now, encrypt/archive it or delete it).

Within that database of emails were messages from an ancient PayPal account I hadn’t used in years (Error #4 – close accounts you no longer need). That PayPal account had a different password, but that doesn’t matter; whoever it was simply had a password reset request sent to my compromised email address and flipped it. That PayPal account was still connected to my old debit card, which I’d never closed down despite no longer using it (Error #5). They tried to use that account, with that card, to make a purchase when luckily a third party, my bank, flagged it as suspicious. As a result, the purchase was cancelled. Great, right? Problem solved, issue avoided, time for a cup of tea, right?

Wrong. I contacted PayPal and had the account closed, I went to my bank and terminated the card and figured the worst of it was over. Except, the email account was no longer accepting my leaked password. Four years later and, for some reason, the password happened to be flipped back to the original one; I’ve just managed to regain control, through sheer luck, but the ripple effects are still being discovered. That email account was the main personal ID for dozens of other online accounts, many of which have been deleted, taken over or banned. Some were used for spam, others for malicious “fun” and others just destroyed. I’ve spent the best part of the last two weeks going through that old email account, finding associated logins across the web and shutting them down or taking back control.

The whole ordeal has spanned years and is still on going. Now, on the one hand, I got lucky. Losing so many accounts didn’t impact my financially, it didn’t uncover any secrets that could have been used to blackmail me or hit me IRL (I’m too boring for anything like that) and I never really felt any negative impact from it. I’ve lost some memories and a decent chunk of my personal time, but that’s about it. But like I said, I got lucky.

So, whilst very interesting and a recommended read, going through Source’s recent articles on personal security have left me a little red-faced. For everything I supposedly “learned” I’m not much better today then I was four years ago in real terms. I’ve slowly been building a database of accounts I have, what they’re associated with and the personal details they contain. I’ve reset my passwords and made sure they’re all unique. Where possible I’ve closed accounts I no longer want or, at the least, removed any personal identifiers from them. But beyond that? Not much.

Reading through A Guide to Practical Paranoia is like reading a checklist of ways I’m falling behind. It recommends using local password managers like KeyPass rather than cloud-based services, but I still haven’t managed to even make that step. Tor and other end-to-end encryption are mentioned as good first steps, but all I have is WhatsApp… not sure that really counts. Don’t use out of the box, popular options for data you care about it says, which I agree with whilst writing on a WordPress blog running the vanilla theme.

Perhaps it’s time to start making inroads into my personal security again. The reason it hasn’t happened yet is because it’s hard, it’s boring and it can be pretty confusing to boot, but the alternative is harder and potentially actively damaging. In the mean time, though, I can definitely recommend giving the suggestions and ideas on Source a good read over:

A Guide to Practical Paranoia – Stephen Lovell (Source)
Why My Motto as a Security Journalist is “Assume Breach” – J. M. Porup (Source)

 

Echoing Frustration [#17]

I received an Amazon Echo for my birthday. I honestly wasn’t expecting to, so it was a really fun and exciting surprise to unwrap; although, I have to admit that my initial reaction was “What am I going to use this for?”.

So, a month on, what do I find myself using the Echo for? Because we do use it, all the time (probably every day, in fact). The obvious use for an Echo is music. It syncs nicely with Amazon Music (obviously), Spotify, Pandora and a bunch of other services. Straight away though, we run into problem number one with the Echo: I live in the UK. So that long list of music services is actually just Amazon and Spotify. Sure, I have a Spotify premium account, so that list suits me just fine, but it is something to keep in mind. If you live in the UK, a lot of the features and services that actually use the Alexa platform just don’t exist.

But, still, Spotify works wonderfully. It took a few days to get used to the way Alexa, Amazon’s assistant, wants you to request songs but once we worked it out it became surprisingly natural. There are some issues, particularly with albums with unusual names such as Watsky’s X Infinity. It should be pronounced “times infinity”, but Alexa only understands “ex infinity”. Still, not the most irritating problem in the world.

No, that title goes to the single largest gripe that I have with the Echo and Amazon’s implementations in general. Because Amazon really want you to use their own music platform on the service, not their direct rival Spotify, the interaction with the service is as stripped back as possible. To be fair, Spotify has been removing features continually for years anyway, but I use most of what’s left pretty consistently. Chief amongst those extras is Last.FM integration which is frustratingly absent from the Echo. This has caused some pretty big issues and a whole lot of irritation.

I initially hoped to hook up a recipe in IFTTT, but Alexa’s API only allows you to know when a song is being played through Amazon Music, not third party services. It also turns out that IFTTT has dropped Last.FM support. That’s a whole other complaint for another time but… dammit, really?!

But, I thought, I’m a Prime subscriber as well. That means I can just use Amazon Music on the Echo and create an IFTTT to record a list to a Google sheet. Not the most elegant solution, but coupled with the Universal Scrobbler, it would be relatively low maintenance. Except, you see, Prime Music and Amazon Music aren’t the same thing. I hadn’t noticed this before, as I use Prime for shipping, storage and TV, but apparently Echo doesn’t work with Prime music itself. Sigh.

So, at the moment I’m stuck in limbo. For a brief time it looked like casting from my PC or phone would work, albeit at the complete loss of voice control, which is pretty much the main selling point of an Echo. Unfortunately, that appears to be hit and miss at best. I’ve temporarily accepted defeat, but I will say this: the moment a competitor comes out with a product that lets me Scrobbl music, I will be switching immediately.

Because, here’s the thing. In spite of this huge, gaping black hole of missing functionality, we use the Echo every day. It sits in our kitchen, where it has completely replaced a collection of speakers, digital radios and iPods with a single, elegant device. It lets you change songs, check the time or convert measurements whilst elbow deep in food preparation or washing up. It’s even replaced our old egg timer, allowing us to time multiple dishes all at once, and looks set to do the same with our shopping list. My initial thought of “What am I going to do with this” has been answered many times over with a wealth of surprising little features. Plus, it sounds great; we pretty much use it as our main audio player in fact. Despite everything I’ve said above, I am a complete convert to voice controlled audio players and cannot wait to see what functionality comes to them in the future. It’s just that, right now, the one piece of functionality I most want is missing. Fingers crossed, not for long!

Martian Mirrors [#5]

Photograph of a wooden framed mirror with weather and calendar events projected onto the glass
Do I look Smart in this?

I absolutely love the execution and concept behind this “smart” mirror by Alex Repty (from MartianCraft). Sure, it’s clearly a labour of love rather than a commercial concept, but it’s also the kind of DIY tech project I aspire towards. Everything within the execution is custom made (even if the occasional part, such as the mirror, were purchased) so the end result can truly be called one-of-a-kind. Most impressive of all, to me at least, is that the software is also custom code whipped up to suit Alex’s particular needs. Whilst a “smart” mirror isn’t exactly top of my list of IoT devices, and the cost of the two-way mirror itself is a little off putting, I’d definitely like to try my hand at something similar in the future. Plus, with the whole process neatly written up for everyone to follow, it shouldn’t be too hard to reassemble the concept for my own needs. Top marks all round!

CMYK and the Magical Illusion of Colour

View post on imgur.com

There’s isn’t much to add to the above GIF, other than that I think it’s a really cleverly designed and demonstrated concept. The idea of CMYK printing is nothing new to me; I’ve been interested in the physics used in forming imagery since I first noticed the tiny circles of colour (read: pixels) on a Coca-Cola vending machine image at school. Heck, I’ve worked for a newspaper company right next to the printing warehouse and currently program for a company that specialises in bulk printing!

That said, I still find the concept of combining varying levels of cyan, magenta, yellow and black to form a seemingly full-colour image a little magical. I’m clearly not the only one, too, and this was a little too well executed not to share.

PS: This is also the first time I’ve ever posted using a card. Having finally seen the process in the wild, this is also a little bit magical. I’m just a little concerned its magical towards the Dark Arts end of the spectrum.