This analysis makes me feel relatively better about Google’s Chrome Sync and relatively worse about Apple’s iCloud sync. Of course these and any of the other sync security options could change instantly if the vendor releases a browser update (in the case of Chrome a silent one) that modifies the behavior.
Data privacy and security in 2013: Cloudy! 1 cmts
On Friday I attended a Data Privacy Day (a real thing!) panel co-sponsored by HUIT and Harvard’s School of Engineering and Applied Sciences called “The Intersection of Privacy and Security“. The panelists were noted Harvard technology graybeard Scott Bradner, always interesting professor Salil Vadhan, and SEAS computing directory Steve King.
After some brief introductory remarks by the panelists about balancing privacy and security, the floor was opened. I seized the opportunity to ask about something that has been much on my mind lately: how to make sensible personal choices about data privacy (and security!) in an age of highly-connected devices heavily depending on third-party hosted services.
Or to boil that down a bit more: Let’s say I have a phone, a tablet, and a laptop, a pretty common set of devices these days. And let’s say I use them all constantly. And these devices are tracking what I read and listen to, who I talk to, where I go, what I buy, and every email, chat, and text I send and receive. They are syncing this data between each other and up to an amorphous “cloud” service, where my data is being collated, cross-referenced, sold to marketers, and stored forever.
Given this fact situation, how can I, as an individual, make sensible privacy and security trade-offs, when in order to get the maximal value out of these devices, I must cede control of my data — both the privacy of it and the security of it — to a third-party vendor such as Google or Apple?
A variety of answers were given, none of them entirely comforting. From Bradner, first, came the cynical view — pay in cash, forego loyalty programs, do not use cloud services, and assume everything you store online will be there forever. This is a valid answer, and rock-solid from a data privacy perspective, but I don’t consider it very practical.
His next suggestion was an interesting one, and that was to look for natural alignments — is the corporation I’m entrusting with my data looking out for the same things as I am? His example, backed up by King, was Google’s track-record on fighting invalid data requests from governments and safeguarding customer information. They do this both because that information is valuable to Google, and because customer confidence in Google is also valuable to their bottom line. This raises some interesting and difficult questions — with a company as far-reaching and often secretive as Google, how can we know their actions and track their intentions? For how long will my interests align with Google’s, and when they inevitable stop aligning, how can I erase my digital life from Google’s clutches?
Professor Vadhan I believe was the one to bring up some of the regulatory remedies. Data privacy laws, when well crafted, could help to protect individuals from corporate data misuse, and perhaps even some types of government data misuse. Europe has tried several approaches to this, with mixed success. But such regulation is not on the docket in the United States currently, so that solution doesn’t provide any immediate guidance. And, Professor Vadhan admitted, he clicks through every terms of service notice and privacy agreement without reading it, just as we all do.
In my view, and seemingly that of the panelists, there is no clear path forward at present for this problem. For now we must all work to inform ourselves about risks, balance the trade-offs, and make decisions that we are comfortable with. So maybe I will use the CVS loyalty card, but not link it to a credit card. Or I will use Google’s Gmail service, but not Google+. This is complicated, time-consuming, and frankly difficult — Facebook’s privacy settings, for instance, shift frequently in unexpected ways, often without notice. Opting out of online services’ choices about how to use our personal data is becoming more and more difficult — perhaps because they see it as their data.
With no easy answers on individual data privacy, we can only muddle on as we have been doing, and hope for clearer, easier choices in the future. Meanwhile, the data we share ends up in unexpected places. The only silver lining, in my view, is that I’m not convinced that putting something on the internet does necessarily mean it will be there “forever”. The internet does seem to forget, or, if not forget, at least the constant deluge of new data seems to moderate and bury the old, in ways that can only be good for our lasting well being.
iPhone lover “confesses” to switching to the Nexus 4 4 cmts
Ralf Rottmann lays out his reasons for switching from an iPhone to the newest Google Android device. I too have been interestingly eyeing a Nexus 4, for many of the same reasons he expresses. The iPhone has consistently won out with both hardware and software design, quality of user experience, and availability of compelling applications. But Android has finally improved to the point where those advantages are greatly diminished. Meanwhile Android’s advantages with regard to intra-app communication, more seamless sharing, and Google service integration have not been matched on the iPhone side, no matter what the misleading Siri advertisements claim.
My concern continues to be what it has been from the beginning — in addition to wanting a device that works reliably and well, I also want one that belongs to me. I am extremely wary of loading my entire life into Google’s digital vaults, from which it can never be fully extricated, is subject to massive amounts of collation and analysis, and is sold to their advertisers and kept for their future uses.
I do use Google’s Gmail service for my email, but I pay for it, and I wish that along with that payment would come a much more significant promise to segregate my data and not use it for evil. Until such a promise is more clearly expressed, I don’t trust Google’s Android ecosystem any more than the rest of the services they provide — the Chrome sync that I disable, the Web History that I purge, the mandatory public Google Plus profile that I strip of all useful information, etc. It’s not that I’m afraid to share information online, simply that I want to control my own information and make my own choices, and have the right to change my mind in the future. I don’t think that is too much to ask.
Gun violence triptych 0 cmts
We don’t have to go far. Following the tragic school shooting yesterday in Newtown, Connecticut, the New Yorker is out in force with a set of devastating reactions, all worth reading:
- Adam Gopnik: Newtown and the Madness of Guns
- Evan Osnos: China Watches Newtown: Guns and American Credibility
- David Remnick: What Obama Must Do About Guns
- Nicholas Thompson: America’s Culture of Violence
I’m seeing the same sentiments all over the media I read and among the people I follow on Facebook and Twitter. I hope this is a trend, and that we may finally, finally have the momentum to take meaningful action in America on firearm legal reform. Remarkable — yet not — that it took the mass murder of nearly two dozen kindergarden children to get us here. If we don’t take action now, I’m not sure we ever will.
A Portrait of the Systems Administrator as a Young Man (Part 1) 2 cmts
When I started at the Instructional Computing Group, I aimed to be subservient. I was coming from a small fast-paced research center with a lot of strong personalities, complicated politics, and limited technical resources. I had charted my own path there, and I thought it was a good one, but now I was ready to learn how the “professionals” do things. Plus I was looking forward to working normal, non-crazy hours.
Through reorganizations and office moves, I stuck with the philosophy that I was here to do a job, and it would not behoove me to be involved in the politics of the place. Boy was I naive!
I came into the group tasked primarily with maintaining and improving three servers, and secondarily with building some new stuff. Anyone who knows me can guess I was much more interested in the latter than the former.
This was a transitional time in IT, or at least in Harvard IT. At my last job I had stood up virtualization, letting a few powerful servers run many smaller virtual systems. This was a pretty new thing, but it was awesome, and I just assumed everyone was going to be doing it soon. I had no idea at the time how conservative IT organizations often are, or how fragmented. Yes indeed there were virtualization initiatives — four of them that I was eventually became aware of, some well-funded and some small, some for Windows and some for Linux and some for both, none out of the pilot phase.
To do cool new stuff for instructional computing, I needed hardware, and if we were speccing out a few powerful (and expensive) servers, and there was no current virtualization solution available and supported, it just made sense to me that we should install VMWare or Xen on them (this was before KVM) and spit out a bunch of little VMs we could use for experimentation and student projects.
This was when I (and my boss) discovered that things were changing, control was being centralized, and being an “Instructional Systems Administrator” meant pretty much squat when it came to making decisions about infrastructure. Our request was not outright denied, it was just delayed and eventually pocket-vetoed.
Given the new realities, and the lack of enough work on the existing systems to fill my days, we came to the conclusion (my boss and I) that I should be embedded in the systems group part time, giving them a hand, learning about their technologies, and advocating for/formulating plans for ICG’s technical future.
And here’s where things went awry again — the UNIX/Linux team didn’t want me, I got to go sit with the Windows folks. Which is fine and all, but not at all relevant to what I was hired to do. Nor did they seem to much understand what to do with me.
Four months into the new job, I had accomplished very little, and things were not going very well. So I took a vacation to Barcelona. Sitting in a hot hostel common room after a long day I was finally able to cajole my Linux netbook onto the wifi. The first email that came in was from my boss, telling me he wasn’t my boss anymore, and I had been reorganized.
Coming in part two of our gripping tale: becoming a technical architect!
Two days back with Fitbit and I’m already annoyed 0 cmts
Yesterday morning I picked up my old Fitbit sensor and plugged it back in for the first time in about two years. If I’m going to do this thing, I want to do it right — record all food eaten, record weight and body fat each morning, etc. And ostensibly Fitbit supports this. But it is stunningly opaque. It flashes up calculated data such as calories burned that fluctuate wildly throughout the day. So I’m eating based on its estimate of 2300 calories, and at the end of the day when I sync it up I’ve walked 11,000 steps and 5 miles, and the little flower tells me I’m being active, but my “activity” score is 15 (out of 1000?) and my calories burned are down closer to 1800, way lower than it was predicting.
And “whoops,” it tells me, “you’re over your daily calorie goal.” Well, I wouldn’t have had that cookie after dinner if you had just given me some consistent data! I think this is why I gave up on Fitbit pretty quickly last time — I don’t want your faked up data, I don’t want your opaque “scores,” I don’t want your meaningless graphs that say I’ve been sedentary all day and seem to ignore the walks I took and stairs I climbed. The hard truth is that these pedometer-based fitness tracking systems are all hopelessly inaccurate and seem to verge on pseudoscience. If all you care about is footsteps, go nuts. For anything better, you’re going to need something much more sophisticated.
Funny, you would think the amazing tiny pocket computers studded with sensors that we all carry around nowadays and refer to as “phones” could help with this problem!