The Marvel-ous Collection: A Beginning

I’m a pretty big fan of the Marvel Cinematic Universe, so it felt a bit ridiculous when I was given Guardians of the Galaxy: Volume 2 for Christmas. To be clear, the gift wasn’t ridiculous; it’s a fantastic film and one I’ve been excited to rewatch since seeing it in the cinema. The ridiculous part was that this officially marked the start of my Marvel Bluray collection. That’s right, I might be a huge fan of the franchise and own a fairly sizeable solid-media movie collection, but I’m almost entirely absent the MCU!

I say almost, because in truth I do own both Guardians of the Galaxy (now Volume 1, I guess) and Captain America: The Winter Soldier on DVD, but for a 17 film franchise (at time of writing) that’s pretty meagre. Part of that reason is the Bluray dilemma: ultimately, I don’t care that much about the increased resolution for most films, but I definitely care about the extra features. As Bluray has become the de facto release location for collector’s editions and special features, I was increasingly left behind, waiting for both an excuse to buy a Bluray player and then, later, for prices to drop back to the realms of sanity.

Luckily, 2017 saw both goals achieved. Whilst Blurays remain expensive (Marvel’s particularly so), they’re now at an acceptable premium above the respective DVD release, so with bonus featurettes, content and a better picture quality they feel somehow more worthwhile. At the same time, Marvel finally released a collected set for both Phase One and Phase Two, something I find bizarre has taken half a decade. I mean, what other purpose does the marking of “phases” serve then to artificially create film sets? At any rate, the result was a sudden galvanisation to fill in the blanks and finally own some of my favourite superhero films.

Unfortunately, a quick look at the contents of the collected sets left me a little cold. Yes, there are new bonus scenes, animatics and fun Agent Coulson introductions for each of the films, but they also lack a number of key special features from previous releases, especially the big documentaries. As a result, I’ve thrown in the towel! If Marvel/Disney can’t get their act together and release a definitive edition of the MCU then I’ll just create one myself.

The first hurdle was finding out what variations existed, what the actual differences were and then weighing up the pros and cons. Luckily, Reddit came to my aid (after Google summarily failed) with a raft of suggestions for comparison websites geared towards just this kind of task.

Since then, I’ve been slowly going through the films, one by one, narrowing down my options until I’ve found the exact version that most intrigues me. So far, the few I have settled on have been “out of print”, but luckily a robust second hand market appears to exist, keeping resell prices low. It’s slow going, but honestly I’m finding it quite fun. I’m also tracking my decisions and aim to release a full list, and break down of why I chose each film’s specific version, once I’m done.

For now, I figured it would be worth a quick round-up of the websites I’ve found most useful, so without further ado, and in no particular order, here are my top five film hunting locations:

1. DVD Double Dip
Not the prettiest site, nor the most complete in terms of information, but what it does have is extremely easy to read, compare and review. Probably the best starting point I’ve found but take the accuracy with a pinch of salt.

2. DVD Compare
Very accurate, particularly when it comes to extra features, and great for comparing regional differences in films. Take particular note of the “Cuts” and “Overall” sections at the bottom of a search page to see if the film is actively censored anywhere in the world. I wish you could compare films side-by-side, but still easily my favourite comparison site.

3. Blu-Ray.com
Probably the most complete database of film releases on this list but a bit of a pig to search accurately. There’s no way to easily compare film versions without opening multiple tabs, but you can filter by country directly on the search bar and the user reviews are solid, often clearing up any confusion over oddly phrased features.

4. Filmogs
Another very complete database without easy comparison methods. Easier to navigate than Blu-Ray.com but the search is less intelligent (e.g. “Avengers” fails to pull back any collected sets). Again, useful for getting more information, plus acts as a competitively priced marketplace.

5. /r/DVDCollection
If all else fails, ask here and someone will probably either know the answer or own the film and be able to tell you. Really helpful bunch!

Of course, once you’ve narrowed down your options and decided which version is just right, you still need to buy the darn thing. Obviously if you’re looking at buying new then all the normal locations apply, but for second hand movies I’m having most success at the following:

1. Music Magpie – though be wary, several times I’ve spent a while looking at a film, come back later and found the price has shot up. Leave it a few days and it seems to drop back down again.
2. eBay
3. CEX
4. Amazon Marketplace

Happy hunting!

New Year, New Phone? Compare the Camera First

Currently, both myself and my partner are looking into replacing our mobile phones (her slightly more urgently). As a result, we’re both quite deep in the mire of tech reviews, contract comparisons and general research. For the most part, this has only gone to prove what I wrote about several weeks ago: the mobile phone market is stagnant. None of the current generation’s big, flashy marketing gimmicks are even close to being on my list of desirable features, whilst previous years’ genuinely useful innovations seem to have almost entirely disappeared (looking at you, waterproof casings!).

As a result, more so than at any time I’ve previously delved deep into the mobile market, the minor differences and quality of parts are becoming increasingly important. For both of us, one of those now-standard features which can make or break a mobile is the camera, but trying to really tell the difference between two handsets ability is getting incredibly hard. Long gone are the days of pixel wars, where the MP rating was a broadly useable mark of quality. Now all phones have far too many pixels to ever be needed, meaning the calibre of the lens and processing software is much more important. Here, too, though it has become harder to tell pro from imposter, with even relatively basic mid-tier handsets boasting chips and glass from reputable sources like Zeiss and Samsung.

So the discovery of GSM Arena and it’s phone comparison tools (all credit goes to my partner for the actual discovery, of course) is a real boon. It’s a brilliant website – irritating banner ads aside – which is surprisingly fast to load extremely high resolution, balanced images taken with any number of mainstream mobiles. Not just photos, but stills taken from video recordings are present as well, able to be synced between three phones for immediate comparison. It’s a fantastic tool for quickly and accurately comparing models, with some surprising results. Personally, my favouritism of Sony has seen me eyeing up the XZ1 Compact, but having viewed the direct comparison between the Galaxy S8 I’m now a little put off (though oddly the video still seems much sharper). Most disappointing has been the Huawei Mate 10 Lite, which impressed me in store but at this detail is clearly lagging far behind.

Still, personal problems aside, it’s a cracking service and well worth shouting about!

Death of the Internet [#50]

December 14th 2017: The day the internet died.

It’s a weird thing to wake up to, the repeal of net neutrality in the US. There’s is absolutely nothing that I, as a British citizen, could do to prevent the FCC from taking this course of action. Which, to be fair, isn’t too far from the reality for American citizens either; the result is not particularly unexpected, despite widespread criticism.

There’s also no way of knowing the impact it will have. Worst case scenario, as a non-American, would be seeing other governments (particularly my own) mimicking the decision and formally handing the web over to corporations, rather than people. Except, outside of the US the ISP market isn’t dominated by monopolies, so the market would actually stand a chance at forcing effective neutrality. That means I’m fairly insulated from the most obvious repercussions. Harder to measure, but probably more likely, are the ripple effects. How many new services will simply never exist if US providers decide that road blocks are more profitable than open highways? How much innovation in Silicon Valley will be lost to firms spending less on R&D and more on bandwidth?

On the other hand, if ISP’s in the US do abuse their new powers it could lead to the slow (or relatively sudden, depending on perspective) eroding of the US as a global leader in technology and software. Whilst the UK is not exactly well placed to pick up that slack, countless other countries would likely benefit. Less of an American influence on the web could actually be widely beneficial (of course, not to Americans).

The result is that the loss of net neutrality, from a global perspective, is a bit of a grey area. We may benefit or we may lose, but ultimately we will be slightly more able to shape that destiny. The ridiculousness of the decision is that such luxury is not afforded to the US itself. They are the ones rolling the dice, but they’re also the ones with the highest stake, all balanced precariously on an unknown odd. No matter what happens next it’s pretty unlikely the US will benefit, but the rest of the world just might.

On that note, if you are in the US and are rightfully worried/angered by the decision that occurred yesterday, I’d point you towards Ethan Marcotte’s break down. It offers a slim silver lining which is plausible (unlike some of the others doing the rounds) as well as an even, yet irritated, overview of what it could actually mean. Well worth a read and well worth enacting.

Dark Booking Patterns [#47]

I just fell down a rabbit hole learning about Dark Patterns, thanks largely to a link in an, as ever, well thought out Adactio post. To be clear, I knew what a Dark Pattern was, I just hadn’t come across the term for them before. In brief, then, a Dark Pattern is a UI decision created to get a user to do something without really knowing why or how. It’s trickery and marketing merged into one and can be used to generate actual sales, push you to a specific part of a website or article, draw your attention away from negative elements or get you to agree to participate in some way. Basically, Dark Patterns aren’t great. They’re a bit morally dubious, they can leave a bad taste in your mouth and they can actively confuse or negatively impact people.

Sounds like something that should be avoided and shunned by any morally conscious designer, right? And probably something that, when noticed, should be shamed, yes? Good, we’re on the same page. But then I read a well reasoned break down of why Booking.com is a pretty awful abuser of exactly this type of user experience design. The full article, titled How Booking.com Uses Stress to Rush Your Decisions and written by Roman Cheplyaka, is a smorgasbord of dodgy design decisions. From fake urgent messages (“Someone just booked the hotel you’re looking at!”) to hiding negative reviews, Booking.com does not fare well when analysed with a Dark Pattern mindset. Time for a boycott then, right?

Well, put simply, no. I use Booking.com quite a lot. I’m a registered member and a recipient of their “Genius” discounts, which have saved me a fair amount over the past few years. I like the wide selection of hotels that are on offer, I like how key information is displayed and I particularly like their search functionality which makes drilling down through results incredibly quick and easy. I’ve recommended the service to countless friends and family and I’m not about to stop anytime soon. Do I find the urgent messages and dire warnings of inaction irritating? Yes. Have I occasionally found myself booking a room faster than I probably ought to have because of a fear of missing a deal? Yes. The Dark Patterns are clearly working, and are definitely reducing my enjoyment of the service being provided, but it isn’t a big enough issue to tip the balance away from all the positives.

Interestingly, it seems like Roman comes to a similar conclusion. Somehow, Booking.com has done such a good job in their general, overall experience that the little irritations can be happily ignored. Some of them I don’t even agree with. Is cherry picking reviews a bit dubious? Yes, I guess so, but at the same time I would expect promotion to skew those results a little. I’ve left negative reviews in the past and know they haven’t been censored or removed, so I trust the reviews that are present to be indicative of general opinion. I would also never, personally, go on three reviews alone to inform my decision; as with eBay and Amazon I will always read the most recent couple of reviews, a couple of the best reviews (and note when they were made) and a couple of the worst reviews (also noting date posted) to get a good spread. Booking.com makes finding those reviews so painless that I’ve never really noticed the ones on the main page are curated.

I will also defend their five-step rating system. You can always expand a review score to see how the aggregate has been calculated and having five specific categories makes doing so a lot easier. In the example given in the article, Roman states that:

A great location will not compensate for sleepless nights

But I have to disagree a little bit. Obviously, it depends on what you’re looking for, but I will happily sacrifice comfort for location if that’s a priority. If I’m going to a big city and planning on being out until the early morning anyway, I don’t really care about late night noise but I do care about walking distance to the venue (for example) that I’ll be visiting. It’s a bit of a pedantic argument, but I feel like their ratings scheme is genuinely useful and wouldn’t, personally, regard it in anyway “Dark”, which shows that the concept can be a little subjective.

At any rate, agree or not, the article is well put together and is worth a read if you use Booking.com, if for no other reason than to be a little more aware of the strategies the are employing. If you do find it a stressful experience, perhaps it may even help.

Insta Inspiration [#45]

The recent update to Lightroom (and descent into League) means that photography has taken a bit of a backseat once again, but I have actually managed to turn posting to social media into a bit of a trend. I’m enjoying it so far, which is good, but have discovered that my reasons for enjoyment are very different across the two platforms I’m utilising.

On 500px, the kick I get from uploading a new image is very much a stereotypical social-media hook. I enjoy seeing people’s enjoyment; getting likes, follows and comments. Sure, each upload comes with a slight worry about how it will rank compared to those that came before, but each image that reaches Upcoming or Popular status feels like an achievement, which makes me want to upload again. It’s a simple feedback loop that keeps me engaged with their website, even if some photos do unexpectedly well or bizarrely poorly (seriously, as far as I’m concerned my shot of the Old Man is the best photograph I’ve edited to date).

However, my engagement with Instagram has come from a very different source, which has surprised me. Possibly because I’ve been using the service as a log book for several years, I really don’t care how much traction my images get. In fact, unlike 500px, I basically view likes on Instagram as irritations, creating notifications on my phone to be swiped into oblivion. That does change if I know the person that has liked the image, especially if they’re someone who enjoys photography or creative outlets themselves, but otherwise I’m completely nonplussed by direct engagement metrics on the platform. So why bother uploading there in the first place?

It sounds completely strange, but I actually find Instagram much more valuable as a tool than as a service. Uploading an image is less about the sharing as having a very quick and intuitive way of tweaking settings and playing with filters to see if I can improve it a little more. Once that’s been done, I’ll often fire up Lightroom again and actively compare the two images, slowly tweaking Lightroom’s settings to make it more Instagram-like before re-exporting a ‘final’ version for 500px. I strongly believe that the style of images presented on both platforms should be different, and never try and copy Instagrams filters wholesale, but they do tend to point me in a new direction or just help with refinement.

That’s the process that I used on my Old Man shot and is largely why I love the outcome as much as I do. I thought it was a great photo before I ran it through the Instagram tweaking process, but the version that came out the other end blew me away. Taking those changes and reproducing them myself ultimately led to a final image that I think is better than either of the previous two outcomes. Other times I’ve decided to just upload to 500px, partially because I couldn’t see how Instagram could make the image better and partially because the process of getting a file onto Instagram is incredibly frustrating. In pretty much every instance that I’ve chosen this route I’ve regretted it, often re-uploading to 500px at a later time having flip-flopped on my decision.

Just to show what I mean, here’s my latest upload, a shot of a snow leopard checking out his recently snow-bedecked surroundings at the wonderful Hellabrun Zoo in Munich, Germany (taken on a trip almost two years ago):

Snow Leopard, Winter, Munich Zoo by Murray Adcock on 500px.com

I uploaded the image to 500px first because I didn’t think it could be tweaked any more. I also wanted to retain a very natural feel, which isn’t exactly Instagram’s forte. That said, here’s the same image uploaded a few minutes later and tweaked subtly in Instagram:

Now, I wouldn’t ever consider copying that style wholesale to 500px. It definitely isn’t as natural looking, with a weird purple haze, and it’s lost some of the ruggedness of the environment as a result. However, something about that combination of settings on Instagram really makes the leopard pop, creating a much nicer sense of depth and focus. I was extremely tempted to try and replicate the look, except for the colour, and re-upload to 500px. Unfortunately, I can’t picture in my head what settings to push around in Lightroom to achieve the outcome I want, so right now the original remains.

How I’ve come to use Instagram is not at all what I expected, but speaks volumes about how clever their rendering algorithms are (or how much I still have to learn about Lightroom, of course). For now, it feels strangely inspiring knowing I can quickly iterate a number of ‘looks’ for my image and then replicate the bits I like. That’s a creative process which seems to be providing quite a hook.

Asking the Right Answers [#44]

I have been taking part in Google Rewards for over a year now. For the most part, I complete the various surveys to feed an ongoing habit without feeling like I’m being too indulgent or wasting money. It’s a fast and easy way to make a bit of completely disposable income and, honestly, the service works well.

Broadly, the surveys I get fall into three categories: store feedback, google reviews and marketing surveys. Store feedback is usually a case of confirming that I visited a given location and then rating them out of five. It’s quick, interesting enough to see which businesses feel the service is worthwhile and lets me provide some limited feedback. I don’t really imagine that the data is all that worthwhile, but enough stores do it, some of which having done so for an entire year at this point, that they must get something from the results.

Google reviews are a little more tedious but also have a higher reward, so I quite enjoy receiving them. I’m one of those people that routinely reviews online purchases, fills out in-store questionnaires and generally says “yes” when asked if I have a minute. I totally understand why most people ignore these types of things, but I try to do them whenever I have spare time for two main reasons. The first is that I’ve worked retail, I’ve been the person with the clipboard and I am fully aware how much that role sucks. I literally spent two months, for 4-5 hours a day, wandering around Durham trying to get people interested in taking a flyer for a store I worked for, and that was difficult enough. Getting people to actually engage with you for longer than ten seconds… that sounds like hell on Earth. The second reason is that I like having a record of my opinions, which should be fairly obvious from this website (and elsewhere), and that extends out to the services I’ve used and the items I’ve purchased.

So, the first two groups are easy for me to understand and pretty common. But once every month or so I’ll get a survey from group three: marketing research. Not market research, but questioning me on the adverts that I remember having seen or my awareness of brands. I imagine most of these are Google trying to gauge how well its own advertising algorithms are, something which is totally apparent when I get a survey like the one I received this morning.

That survey was incredibly quick and began by showing me a thumbnail of a Youtube video by Philip DeFranco. The video was several years old (I could see the uploaded date on the image) and the survey wanted to know if I had watched it. Now, I’ve been subscribed to Phil since I first created a Youtube account back in 2009 and had already been watching him for over a year before that. I quite literally created my account just to be able to track which of his back catalogue of videos I had watched. As a result, I could say with pretty high certainty that I had watched the video they were showing me. I also assume, considering that Youtube is tied to my Google account, that they already knew that I had watched the video. The first question on these surveys tend to request confirmation of known information, so that made sense.

But then they did something which I don’t understand, at all. I think what they were trying to do was refine their suggested videos algorithm but the way they went about it was just weird. There were two more questions to the survey and both showed another thumbnail of one of Phil’s videos from over a year ago. Both asked me to rate, out of five, how useful these would be as suggested videos on Youtube. Now, I don’t propose to understand the exact results or answers Google are looking for here, but I can imagine that they’re hoping to confirm that, yes, someone who wants to watch a video on current affairs would like to watch more videos on current affairs. The problem, though, is that their survey is completely ignoring my own video watching history. I am subscribed to Phil’s channel; I have watched every video he’s uploaded in the past decade. I don’t need to have his old videos suggested to me because I’ve already seen them. However, none of that information has been requested by the survey, so from the perspective of the questions I’ve been asked then, yes, based on the fact I enjoyed watching the first video I would want the other two videos to be suggested.

Yesterday I was reading an A List Apart article on why asking the right questions in user testing is key to not screwing up. Perhaps because that was on my mind, this survey through me round a loop. On a personal level, completely honestly, those videos are useless suggestions to me and I would have liked to rate them 0 out of 5 (which is, irritatingly, never an option). However, I’m a huge fan of Phil and want his channel to keep growing. Saying “Yes, I watched that one video of his and never want to watch another” seems wrong. I don’t want Google to take that message away from this survey. On the other hand, I hate how my current suggested videos feed is full of videos I’ve already seen and content from channels I’m already subscribed to. It’s a personal pet peeve of the current Youtube setup because it makes that page incredibly pointless, so I really don’t want to reinforce that behaviour and say that these are good suggestions.

At this point, I’m definitely over analysing what’s going on, but you would hope a company the size of Google would understand that the way they present a survey will have differing impacts. The questions are needlessly broad and non-specific, leaving the interpretation open to the user, but the subject matter leaves me stuck trying to guess what data Google actually want from me. Do they want me to know if I like those types of videos or do they want me to ‘confirm’ that suggesting other videos from channels I’ve watched before is a good thing? Unfortunately, I don’t know which it is, which means I don’t really know what the question is, and if I don’t know that, how can I answer it?

In the end, I just stuck them both at 4/5 stars. Typing this up now I feel that was probably the wrong thing to do, but oh well. At the end of the day, Google asked what seems like a fairly innocuous question, but one which has two wildly different answers. I doubt I’m the only person getting that question but I’ll probably be an outlier in my response. Still, it’s a prime example of where the phrasing, setting and simplicity of a question can leave it horribly ambiguous. The result will likely go on to inform some form of policy at Youtube, which is a shame, because no matter what question they thought they were asking I doubt it’s the one they’re actually having answered.

Welcome to the Grid [#43]

There are a lot of new web technologies emerging at the moment which really feel like we’re entering a new era. Over the last decade, the likes of HTML5, ES6+, flex box etc. have brought the web, and the technologies on which it is built, very much into the modern day. Accessibility, responsiveness and flexibility have become standards, instead of the nice-to-have pipe dreams they were when I first built a website. Still, a lot of the new features and developments have been addressing limitations of what the web was back in the early noughties.

Right now, then, is a little different. There are still plenty of problems with how the web operates, limitations to its functionality and misuses of its resources, but with a little time and effort a website can become everything it was ever designed to be, and much more. The next round of technological implementation, then, is redesigning the way the web works. Do you need an active internet connection to be ‘online? Not any more. Want a website to do more than simply house and interlink static text? That’s getting pretty common.

Despite these huge leaps forward in terms of functionality, one element of those old, dark days has remained missing. Right when I started to learn HTML the standard approach was to mimic page setting from magazines by using <table> elements. That practice died a deserved death, but ever since the web has been slightly restricted in how it can display information in a dynamic, yet rigidly structured, manner. There have been improvements, such as display:table, flex box and semantically clearer HTML (section, article, aside etc.), but ultimately none have met the ease of application of a table layout.

Hopefully that’s about to change, thanks to CSS Grid. It’s a technology I’ve heard bits and bobs about for some time, but I’ll admit it hasn’t excited me like service workers or PWAs have. Thanks to (yet another) great article from A List Apart, I’m now firmly on board the Grid train and willing it to go faster, and faster, and faster. Honestly, I love the whole concept, but for me one of the most exciting aspects is the quick prototyping available through template-areas. For a full breakdown, read the article, but the “aha!” moment for me was seeing how this:

.cards {
        display: grid;
        grid-template-columns: 1fr 1fr 1fr;
        grid-gap: 20px;
        grid-template-areas:
               “a a b”
               “. d d”
               “c e e”;
}

Is automatically translated into this:

Layout of 5 grid blocks and 1 empty cell, showing how CSS Grid can span columns and rows, auto-fill containers and be easily spaced.
The beauty of CSS Grid.

That’s not just replicating all the functionality of the table-based layouts of yesteryear, it’s taking the best part of it, the flexible rigidity, and removing all the irritating parts, leaving just the essence. It’s wonderfully simple yet extremely powerful and has clearly been thought through to an obscene degree. The fact that even blank cells are inherently catered for, rather than having to just set a blank <div> or similar, is just fantastic. Vendor/browser support will be the next big hurdle, but by the sounds of things that’s coming along extremely well. Give it a year and CSS Grid looks like it could well be the new standard approach.

Stickers, Eclipses and Lighthouses [#36]

Today is a day for another round-up of interesting pieces from across the web. Nothing too special, but hopefully a little intriguing.

First up is Google Lighthouse, one of the many branches of the Alphabet behemoth and a pretty interesting little project. I haven’t actually managed to get it up and running, but I’ll definitely be trying it out on theAdhocracy some time soon (and probably weeping at the result). I don’t need to test it, though, to see it will be a very useful tool in battling the increasingly problematic issue of internet lag.

Second is the article which led me to Lighthouse in the first place: AMPersan, by Ethan Marcotte. Not much to add to this one, just another voice adding weight to my uneasiness with the idea of AMP and similar projects. Well worth a read if you’re interested in the open web.

In third place is a collection of ‘achievement’ stickers doing the rounds of the blogosphere right now. Originally designed by Jeremy Nguyen, published on The New Yorker and personally discovered via TheLogoSmith, the stickers are a humorous look at the pitfalls of being self employed. They’re specifically designed for freelance designers, but I feel a lot of them are applicable across disciplines. If you work from home, you’ll probably find yourself smiling and nodding.

Fourth on the list is a simple article from Martian Craft outlining “The Importance of Routine“. The post is aimed at remote works and is far from news to me, but it is a well written example of how to apply this kind of thinking. I’m saving it here more to try and force myself into setting something like this up for my own free time.

Finally, I was blown away by the “Lifetime Eclipse Predictor” visualisation created for The Washington Post (discovered via Source). In the wake of the recent total eclipse in the US, along with reading various posts on the rarity of such events, I’ve been left with a real urge to try and make sure at my path eventually coincides with a path of totality. It is a ridiculously awesome coincidence that our moon’s diameter and planet’s solar distance align so accurately. I mean, even if there are other life-hosting planets out there, we’re certainly one of an incredibly small number that can witness this phenomenon. That makes it practically a responsibility to see a total eclipse, at least once.

Accio Deathly Hallows

10 years ago today the Harry Potter series came to a close. With the publishing of The Deathly Hallows a large part of my, and many others, childhood came to an end. I find it strange that a decade has passed since, but probably for different reasons.

Whilst I was eager to read The Deathly Hallows when it first came out, I have to admit that the Potter franchise had lost its lustre for me. I grew up alongside the release dates, but as they stretched out over the last three books my own ageing overtook the target audience. By the close of the series I still counted myself a fan, but my life revolved far more around the likes of Lord of the Rings, Pratchett’s Discworld and authors like David Gemmell.

But the release of The Deathly Hallows does mark a pretty big event in my life, though I wouldn’t realise it for another three (!) years. Several days before the book was officially released, a little known channel on YouTube uploaded what would become a viral, fan-favourite and Harry Potter inspired song: Accio Deathly Hallows. The musician was Hank Green; the channel was “Brotherhood 2.0”, the fledgling website that would evolve into the Vlogbrothers. Whilst Hank and his brother John have become far better known for other reasons, ranging from writing The Fault in Our Stars (John) to creating VidCon (Hank), that song was what changed their experiment on YouTube into a community. Both brothers have pointed to Accio Deathly Hallows as a pivot point, the first time either had considered that their involvement in YouTube was more than just a one-year deal. The popularity it gave them on the platform ultimately changed both of their careers and, arguably, the face of both YouTube and the web in general.

That, for me, is the far bigger anniversary today. The Vlogbrothers, their content and their outlook on life have been a hugely impactful and important part of my life as I left home, went to University and officially began to “adult”. They remain one of my most watched YouTube channels, a huge inspiration and a brilliant example to the world of how to be humans. Whilst it feels like Harry Potter ended years ago (which I guess it did), the idea that the Vlogbrothers have been vlogging for over a decade is equal parts encouraging and terrifying. Forget Accio Deathly Hallows, I’m more interested in Accio DFTBA.

Security All The Way Down [#27]

Source, one of the many blogs I follow, has recently had a themed content week focusing on security. For their main readership this means security for the newsroom, security for the journalist, but their articles are both fascinating and widely applicable. It may seem a bit ridiculous but the reality is: everyone is a target. Yes, a journalist is more likely to be specifically targeted, because they have access to unique and often-times damaging material, but literally every single person has something that is valuable to someone else.

Maybe it’s money in the form of online bank accounts, crypto wallets or card-verified e-commerce sites like Amazon. Maybe it’s social media accounts, valuable for gathering personal identifiers that can be sold en masse for identity theft purposes or even to be used as part of modern botnets, spreading viruses and further compromises. Maybe it’s compromising personal information, images you wouldn’t want widely distributed or conversations you’d rather pay to keep out of the public eye. Maybe it’s just the thrill of seeing how far you can go, what you can uncover.

It’s unlikely that you would be directly targeted, but it’s actually fairly likely that you will be targeted at some point. It’s happened to me. A few years ago I received a message from my bank querying a large sum purchase made with a debit card that I hadn’t used in years. I freaked out a little, contacted them and had the transaction cancelled; once the bank had assured me that no further charges would occur I calmed down and started trying to piece together how the hell someone had managed to skim a card that had been out of circulation for years.

The answer, as is so often the case, was the combination of forgotten accounts, common passwords and third party security breaches. Exactly which chain of interconnecting services led to this particular attempt at fraud is impossible to prove, but here’s my best guess. Back when I was heavily active on League of Legends they had a mass server breach, with hundreds of thousands of accounts compromised. The parties involved made off with data tables of passwords, account names and associated email addresses; no credit card details, but enough personal information to be seriously damaging. My account name was unique and the associated email address had a different password, so I figured I was safe. I was wrong. Someone, somewhere, managed to link my username to an old email account, which used that same password (Error #1). They accessed that email account without my knowing (Error #2 – setup two-step authentication!) and from their likely downloaded my entire email history (Error #3 – if you don’t need it right now, encrypt/archive it or delete it).

Within that database of emails were messages from an ancient PayPal account I hadn’t used in years (Error #4 – close accounts you no longer need). That PayPal account had a different password, but that doesn’t matter; whoever it was simply had a password reset request sent to my compromised email address and flipped it. That PayPal account was still connected to my old debit card, which I’d never closed down despite no longer using it (Error #5). They tried to use that account, with that card, to make a purchase when luckily a third party, my bank, flagged it as suspicious. As a result, the purchase was cancelled. Great, right? Problem solved, issue avoided, time for a cup of tea, right?

Wrong. I contacted PayPal and had the account closed, I went to my bank and terminated the card and figured the worst of it was over. Except, the email account was no longer accepting my leaked password. Four years later and, for some reason, the password happened to be flipped back to the original one; I’ve just managed to regain control, through sheer luck, but the ripple effects are still being discovered. That email account was the main personal ID for dozens of other online accounts, many of which have been deleted, taken over or banned. Some were used for spam, others for malicious “fun” and others just destroyed. I’ve spent the best part of the last two weeks going through that old email account, finding associated logins across the web and shutting them down or taking back control.

The whole ordeal has spanned years and is still on going. Now, on the one hand, I got lucky. Losing so many accounts didn’t impact my financially, it didn’t uncover any secrets that could have been used to blackmail me or hit me IRL (I’m too boring for anything like that) and I never really felt any negative impact from it. I’ve lost some memories and a decent chunk of my personal time, but that’s about it. But like I said, I got lucky.

So, whilst very interesting and a recommended read, going through Source’s recent articles on personal security have left me a little red-faced. For everything I supposedly “learned” I’m not much better today then I was four years ago in real terms. I’ve slowly been building a database of accounts I have, what they’re associated with and the personal details they contain. I’ve reset my passwords and made sure they’re all unique. Where possible I’ve closed accounts I no longer want or, at the least, removed any personal identifiers from them. But beyond that? Not much.

Reading through A Guide to Practical Paranoia is like reading a checklist of ways I’m falling behind. It recommends using local password managers like KeyPass rather than cloud-based services, but I still haven’t managed to even make that step. Tor and other end-to-end encryption are mentioned as good first steps, but all I have is WhatsApp… not sure that really counts. Don’t use out of the box, popular options for data you care about it says, which I agree with whilst writing on a WordPress blog running the vanilla theme.

Perhaps it’s time to start making inroads into my personal security again. The reason it hasn’t happened yet is because it’s hard, it’s boring and it can be pretty confusing to boot, but the alternative is harder and potentially actively damaging. In the mean time, though, I can definitely recommend giving the suggestions and ideas on Source a good read over:

A Guide to Practical Paranoia – Stephen Lovell (Source)
Why My Motto as a Security Journalist is “Assume Breach” – J. M. Porup (Source)