Stickers, Eclipses and Lighthouses [#35]

Today is a day for another round-up of interesting pieces from across the web. Nothing too special, but hopefully a little intriguing.

First up is Google Lighthouse, one of the many branches of the Alphabet behemoth and a pretty interesting little project. I haven’t actually managed to get it up and running, but I’ll definitely be trying it out on theAdhocracy some time soon (and probably weeping at the result). I don’t need to test it, though, to see it will be a very useful tool in battling the increasingly problematic issue of internet lag.

Second is the article which led me to Lighthouse in the first place: AMPersan, by Ethan Marcotte. Not much to add to this one, just another voice adding weight to my uneasiness with the idea of AMP and similar projects. Well worth a read if you’re interested in the open web.

In third place is a collection of ‘achievement’ stickers doing the rounds of the blogosphere right now. Originally designed by Jeremy Nguyen, published on The New Yorker and personally discovered via TheLogoSmith, the stickers are a humorous look at the pitfalls of being self employed. They’re specifically designed for freelance designers, but I feel a lot of them are applicable across disciplines. If you work from home, you’ll probably find yourself smiling and nodding.

Fourth on the list is a simple article from Martian Craft outlining “The Importance of Routine“. The post is aimed at remote works and is far from news to me, but it is a well written example of how to apply this kind of thinking. I’m saving it here more to try and force myself into setting something like this up for my own free time.

Finally, I was blown away by the “Lifetime Eclipse Predictor” visualisation created for The Washington Post (discovered via Source). In the wake of the recent total eclipse in the US, along with reading various posts on the rarity of such events, I’ve been left with a real urge to try and make sure at my path eventually coincides with a path of totality. It is a ridiculously awesome coincidence that our moon’s diameter and planet’s solar distance align so accurately. I mean, even if there are other life-hosting planets out there, we’re certainly one of an incredibly small number that can witness this phenomenon. That makes it practically a responsibility to see a total eclipse, at least once.

Accio Deathly Hallows

10 years ago today the Harry Potter series came to a close. With the publishing of The Deathly Hallows a large part of my, and many others, childhood came to an end. I find it strange that a decade has passed since, but probably for different reasons.

Whilst I was eager to read The Deathly Hallows when it first came out, I have to admit that the Potter franchise had lost its lustre for me. I grew up alongside the release dates, but as they stretched out over the last three books my own ageing overtook the target audience. By the close of the series I still counted myself a fan, but my life revolved far more around the likes of Lord of the Rings, Pratchett’s Discworld and authors like David Gemmell.

But the release of The Deathly Hallows does mark a pretty big event in my life, though I wouldn’t realise it for another three (!) years. Several days before the book was officially released, a little known channel on YouTube uploaded what would become a viral, fan-favourite and Harry Potter inspired song: Accio Deathly Hallows. The musician was Hank Green; the channel was “Brotherhood 2.0”, the fledgling website that would evolve into the Vlogbrothers. Whilst Hank and his brother John have become far better known for other reasons, ranging from writing The Fault in Our Stars (John) to creating VidCon (Hank), that song was what changed their experiment on YouTube into a community. Both brothers have pointed to Accio Deathly Hallows as a pivot point, the first time either had considered that their involvement in YouTube was more than just a one-year deal. The popularity it gave them on the platform ultimately changed both of their careers and, arguably, the face of both YouTube and the web in general.

That, for me, is the far bigger anniversary today. The Vlogbrothers, their content and their outlook on life have been a hugely impactful and important part of my life as I left home, went to University and officially began to “adult”. They remain one of my most watched YouTube channels, a huge inspiration and a brilliant example to the world of how to be humans. Whilst it feels like Harry Potter ended years ago (which I guess it did), the idea that the Vlogbrothers have been vlogging for over a decade is equal parts encouraging and terrifying. Forget Accio Deathly Hallows, I’m more interested in Accio DFTBA.

Security All The Way Down [#26]

Source, one of the many blogs I follow, has recently had a themed content week focusing on security. For their main readership this means security for the newsroom, security for the journalist, but their articles are both fascinating and widely applicable. It may seem a bit ridiculous but the reality is: everyone is a target. Yes, a journalist is more likely to be specifically targeted, because they have access to unique and often-times damaging material, but literally every single person has something that is valuable to someone else.

Maybe it’s money in the form of online bank accounts, crypto wallets or card-verified e-commerce sites like Amazon. Maybe it’s social media accounts, valuable for gathering personal identifiers that can be sold en masse for identity theft purposes or even to be used as part of modern botnets, spreading viruses and further compromises. Maybe it’s compromising personal information, images you wouldn’t want widely distributed or conversations you’d rather pay to keep out of the public eye. Maybe it’s just the thrill of seeing how far you can go, what you can uncover.

It’s unlikely that you would be directly targeted, but it’s actually fairly likely that you will be targeted at some point. It’s happened to me. A few years ago I received a message from my bank querying a large sum purchase made with a debit card that I hadn’t used in years. I freaked out a little, contacted them and had the transaction cancelled; once the bank had assured me that no further charges would occur I calmed down and started trying to piece together how the hell someone had managed to skim a card that had been out of circulation for years.

The answer, as is so often the case, was the combination of forgotten accounts, common passwords and third party security breaches. Exactly which chain of interconnecting services led to this particular attempt at fraud is impossible to prove, but here’s my best guess. Back when I was heavily active on League of Legends they had a mass server breach, with hundreds of thousands of accounts compromised. The parties involved made off with data tables of passwords, account names and associated email addresses; no credit card details, but enough personal information to be seriously damaging. My account name was unique and the associated email address had a different password, so I figured I was safe. I was wrong. Someone, somewhere, managed to link my username to an old email account, which used that same password (Error #1). They accessed that email account without my knowing (Error #2 – setup two-step authentication!) and from their likely downloaded my entire email history (Error #3 – if you don’t need it right now, encrypt/archive it or delete it).

Within that database of emails were messages from an ancient PayPal account I hadn’t used in years (Error #4 – close accounts you no longer need). That PayPal account had a different password, but that doesn’t matter; whoever it was simply had a password reset request sent to my compromised email address and flipped it. That PayPal account was still connected to my old debit card, which I’d never closed down despite no longer using it (Error #5). They tried to use that account, with that card, to make a purchase when luckily a third party, my bank, flagged it as suspicious. As a result, the purchase was cancelled. Great, right? Problem solved, issue avoided, time for a cup of tea, right?

Wrong. I contacted PayPal and had the account closed, I went to my bank and terminated the card and figured the worst of it was over. Except, the email account was no longer accepting my leaked password. Four years later and, for some reason, the password happened to be flipped back to the original one; I’ve just managed to regain control, through sheer luck, but the ripple effects are still being discovered. That email account was the main personal ID for dozens of other online accounts, many of which have been deleted, taken over or banned. Some were used for spam, others for malicious “fun” and others just destroyed. I’ve spent the best part of the last two weeks going through that old email account, finding associated logins across the web and shutting them down or taking back control.

The whole ordeal has spanned years and is still on going. Now, on the one hand, I got lucky. Losing so many accounts didn’t impact my financially, it didn’t uncover any secrets that could have been used to blackmail me or hit me IRL (I’m too boring for anything like that) and I never really felt any negative impact from it. I’ve lost some memories and a decent chunk of my personal time, but that’s about it. But like I said, I got lucky.

So, whilst very interesting and a recommended read, going through Source’s recent articles on personal security have left me a little red-faced. For everything I supposedly “learned” I’m not much better today then I was four years ago in real terms. I’ve slowly been building a database of accounts I have, what they’re associated with and the personal details they contain. I’ve reset my passwords and made sure they’re all unique. Where possible I’ve closed accounts I no longer want or, at the least, removed any personal identifiers from them. But beyond that? Not much.

Reading through A Guide to Practical Paranoia is like reading a checklist of ways I’m falling behind. It recommends using local password managers like KeyPass rather than cloud-based services, but I still haven’t managed to even make that step. Tor and other end-to-end encryption are mentioned as good first steps, but all I have is WhatsApp… not sure that really counts. Don’t use out of the box, popular options for data you care about it says, which I agree with whilst writing on a WordPress blog running the vanilla theme.

Perhaps it’s time to start making inroads into my personal security again. The reason it hasn’t happened yet is because it’s hard, it’s boring and it can be pretty confusing to boot, but the alternative is harder and potentially actively damaging. In the mean time, though, I can definitely recommend giving the suggestions and ideas on Source a good read over:

A Guide to Practical Paranoia – Stephen Lovell (Source)
Why My Motto as a Security Journalist is “Assume Breach” – J. M. Porup (Source)

 

Trakting My Media

I am an idiot.

Yesterday I wrote about my frustration that no Last.fm style service existed for TV and film. Last night I went home and found two such web apps in less than ten minutes. It turns out, I was Googling wrong.

There may actually be more than two out there, but it was Trakt and Simkl that caught be eye. Idiotic names aside, both appear to be healthy and robust options with exactly the functionality I was after. Simkl is clearly the baby of the two, with less interactivity with third party services and no current mobile applications on offer. Trakt, on the other hand, appears to have undertaken the Spotify model and launched with a robust API, resulting in adoption by dozens of third-party services. Only time will tell if they complete that model, eventually buying out the few they like and pulling the rug out from beneath the others…

Trakt also wins out in the aesthetics department, with a much more modern and refined style, layout and UI. Conversely, Simkl feels like a leftover remnant of the Web 2.0 era. Trakt does lose points for hiding some relatively key features behind a pay wall, such as in depth analytics and IFTTT integration, but all the features you absolutely need only cost your login credentials, so it isn’t a major roadblock.

I conducted some (very) informal testing last night to see which I might prefer long term. Both were pretty easy to setup, search and navigate though though I found Trakt simpler to retroactively scrobble a show to (a pattern begins to emerge). Trakt’s functionality enabling you to set when you watched a show, going back months, means that the hurdle of cinemas/analogue TV becomes fairly manageable. Simkl likely has these features hidden within its less intuitive UI, but I never found them.

Whilst watching a film in the evening, I tried to test out the mobile options. Simkl simply doesn’t have any at the moment, which is a fairly major black mark. Trakt, as mentioned, has a huge variety but none are actually that great. Most of the Android apps only cater for TV, whereas I need a service that does film as well. The remaining options were a mixture of poor design, buggy features and bad reviews. Even when I did work out the best way to search their archives I found all but one (Cathode) failed to actually return the film I was watching, despite it being present in the Trakt database. Even then, once found, I couldn’t retroactively scrobble the film, instead being forced to choose ‘just watched’ or ‘currently watching’.

To be clear, this is definitely not Trakt’s fault. It would be nice if they launched their own mobile app with a focus on their core features, such as scrobbling, but I can understand why they’ve gone this route. For me, it will mean I can use Cathode when I’m at a friend’s house or the cinema to scrobble as I watch; if I forget, I can add it in later from the Trakt interface itself. That’s a fair compromise and offers a level of flexibility I’m surprised isn’t also behind the pay wall.

For now, then, Trakt has won my support. I signed up to both with test accounts to try them out and both get top marks for making it easy and fairly clear how to permanently delete those accounts. I’ve since signed up to Trakt ‘properly’ and back-filled my viewing habits for 2017 so far. You can follow along here, if you’re at all interested.

It also turns out that my “New 52” challenge has already become more taxing than I had anticipated. Allowing myself a whole week should have removed any stress, but come Tuesday morning on week #2 and I was panicking. I didn’t have any ideas and realised that I’m away at the weekend. I felt like I was running out of free time and it’s amazing how that was sufficient to freeze out my rational mind entirely. The result was a rushed out, imperfect article on a non-existent issue. I felt a little stupid when I realised. I was tempted to remove the #2 from the title and stick it on this post instead, but I’m not going to. I’m going to leave that flag there as a reminder to chill out a bit more in the future. Hopefully it helps.

Scrobbling Movies [#2]

I find it slightly bizarre how popular Last.fm has become over time. I understand that the service now offers a plethora of features, including some powerful music discovery tools, yet at the core Last.fm is just an overly detailed extension of the play count found in every media player since Windows XP. It tracks what music you listen to; that’s it, the whole of their USP.

To be clear, I may find it bizarre but I am not surprised at the service’s popularity. Personally, I love Last.fm and thoroughly enjoy digging into my monthly/annual listening habits, seeking out new artists or rediscovering ones I had forgotten. It’s continued popularity proves that I am not alone and that, bells and whistles aside, being able to analyse your musical tastes and use them to inform future experiences is something that a decent number of people see value in.

So I find it all the more irritating that there doesn’t appear to be a similar service available for film/TV. There are services like Letterboxd that let me manually track what I watch, but I already do that. There’s nothing extra on offer and they are particularly lacking a visual media analogue to scrobbling. When they launched, scrobbling was a seriously weird idea, but it solved the single largest issue that Last.fm had: apathy. When I’m listening to music, I don’t want to have to pause every few minutes, break out of ‘the zone’ and write down what I’ve just heard. No, Last.fm had to find a way to make the data gathering automatic, ensuring their datasets are as complete as possible.

With movies and TV there are further obstacles, chiefly that the methods of consumption are not quite so intricately linked with the internet or computers in general. But with the rise and rise of streaming services such as Netflix combined with the increasing trend of buying media digitally should result in these roadblocks slowly eroding away. Hopefully, soon, someone will pop up to start taking advantage of that process.

In the meantime, I’m going to continue looking for options and pondering my own. I would love to be able to put something together here, just a quick notes section that I could easily type up and submit to directly from my phone. Perhaps I could get it running, but in reality it will likely remain as a Todoist task for months. We’ll just have to wait and see.

Cards Against Clarity

The concept of “card based” web design has been around for at least three years now. So why is it that the following quote from Khoi Vinh, written back in 2014, still appears to be a fundamental truth:

it hasn’t gotten much easier to explain to the uninitiated what, exactly, a card is.

Because here’s the thing: as much as I love reading about web design, I am still very much a member of the “uninitiated”. I can tell because I still have absolutely no idea what a “card” is.

I realised this (yet again) thanks to a recent article that cropped up in my RSS feed. I’ve been singing their praises recently, so hopefully Zurb won’t mind too much if I point to 5 Common Mistakes Designers Make When Using Cards in Design as a prime example of 1 Common Mistake Web Designers Make When Talking about Cards, chiefly, that what a card is fails to be defined anywhere.

Perhaps this whole situation is just down to me. Maybe I’ve fallen so far behind web trends that my outdated ways of attempting to understand “cards” are just not up-to-scratch. But, frankly, there doesn’t seem to be much help out there.

Early articles on using “cards” in design tend to paint a picture of API driven, cross-platform data sharing. A sort of standardised method of pushing/pulling content from/to various web apps; an ecosystem of information, if you will. That all sounds interesting and pretty great, yet presents a concept that is simultaneously vague and highly technical, creating a perfect mixture for people to be excited about yet confused over.

Yet “cards” are also used to describe certain design styles. In that linked Awwwards article a number of examples of “good card-based web design” are cited. Some, such as Dribbble and Pinterest, appear to be examples of the information ecosystem mentioned above. But then you have websites like White Frontier, which whilst being a great example of web design do not appear to have any form of content interaction or applicable data extraction methods. Yet these designs are, apparently, just as “card based” in their makeup.

As far as I can tell from Googling around the subject, “cards” are just rectangular content areas situated on a website. They might pull in information from a third party, they might just be a stock photo and a strapline. The article I initially quoted comes to a similar conclusion, that cards either fit into the “design” or “third-party” camps, which doesn’t seem particularly useful to me. If they’re just a design style then, really, they’re just a particular way of presenting content; a way which, ultimately, seems pretty much identical to how most people have always done it. If they’re only to be used when pulling third-party data then we need a tighter definition, because I don’t feel anyone would be happy suggesting iframes are all cards.

Currently, their only unifying factors appear to include being responsive, rectangular and online. So perhaps that’s all there actually is to them, which would be rather neat. If that is the case, then I can happily claim to have been making card-based websites since 2007, putting my well ahead of the trend!

Scrobbling from the Void

Looking back over what I’ve previously written about Last.fm is a little, well, shameful. Since as long ago as July 2015 I’ve been noting how the service has a large void: analog music. I love having a record of my listening habits, but that record currently lacks any music consumed on CD or vinyl which skews it quite heavily towards bands I’m just getting to know, rather than incorporating those I’ve listened to for years.

The solutions to this glaring issue have grown up a little since 2015. I’ve previously mentioned the Universal Scrobbler, which has become more feature rich than ever, supporting bulk scrobbling as well as integrating database searching from both Discogs and Last.fm to make scrobbling entire albums as easy as single tracks. There is also now a healthy competitor in the form of the Open Web Scrobbler, a brain child of Github and Reddit which does a fantastic job of letting you fine tune your listening record. It also has some surprisingly powerful little features, including the ability to customise a Scrobble’s time stamp which then self-updates with each tracks duration to keep it effectively in-sync.

Despite that, manually entering an entire album in the OWScrobbler is time consuming and prone to errors. Luckily, Last.fm does have an option to delete scrobbles, but still it was enough of an irritation for me to rarely use the service for anything more than a lone track here and there. Whole albums on vinyl or CD? To much effort.

Today, though, Last.fm released my “2016 in Review”, driving home which artists and albums have mostly been lost to the void. I briefly looked at API hooks to develop a self-hosted solution, but was quickly reminded that WordPress remains a barrier. Back to looking longingly at the Universal Scrobbler’s Premium service then I guess. But hold on… something else seems to have changed since 2015. Back then I wrote how I couldn’t “justify the price” of a premium subscription. Well, either the price has come down or my definition of expensive has changed,  because a life time membership only costs $4.99 (USD), which currently seems very affordable.

It’s half an hour later and, as far as I’m concerned, I’ve already made my money back. I’ve scrobbled several albums I own on vinyl multiple times over, effectively updating my listening records for each artist for this year. There’s plenty more I still need to add, but I can now take five minutes out of a day and fire in a months worth of listening habits that would otherwise have stayed lost to the void. As a result I’m hoping my “2017 in Review” will be a much more interesting and balanced affair.