Categories
Links Writing

How Russia Polices Yandex

From Vice Motherboard:

This year, the “news aggregator law” came into effect in Russia. It requires websites that publish links to news stories with over one million daily users (Yandex.News has over six million daily users) to be responsible for all the content on their platform, which is an enormous responsibility.

“Our Yandex.News team has been actively working to retain a high quality service for our users following new regulations that impacted our service this past year,” Yandex told Motherboard in a statement, adding that to comply with new regulations, it reduced the number of sources that were aggregated from 7,000 to 1,000 with “official media licenses.”

The predicable result of the Russian government’s new law is that the government can better influence what information is surfaced to Russian citizens: when state news outlets release the same press release, en masse, Yandex1 and other major aggregators with a large number of readers are predominantly exposed to what the government wants them to see. So while Russia may interfere with foreign countries’ political processes by exploiting how social network and aggregator algorithms function (along with out-and-out illegal exfiltration and modification of communications data) they, themselves, are trying to immunize themselves to equivalent kinds of threats by way of the liabilities they place on the same kinds of companies which do business in Russia.

More broadly, the experience in Russia and changes in how Yandex operates should raise a warning flag for caution advocates in the Western world who are calling for social media companies to be (better) regulated, such as by striking down or modifying Section 230 of the Communications Decency Act (CDA). While there are clear dangers associated with these companies operating as contemporary digital sovereigns there are also risks associated with imposing harsh liability systems for publishing other persons’ content.

While such regulations might reduce some foreign interference in political systems it could simultaneously diminish the frequency at which legitimate alternative sources of information which are widely surfaced to the public. It remains unclear just how we should regulate the spread of malicious political messaging2 but, at the same time, it’s critical to ensure that any measures don’t have the detrimental effect of narrowing and diminishing the political conversations in which citizens can participate. It’s the very freedoms to have such conversations that distinguishes free democratic countries from those that are more autocratic.

  1. Sidenote: Yandex is the only website I’ve ever had to block from scraping my professional website because it was functionally acting as a DDoS.
  2. One idea would be to deliberately cut down on how easy it is to spread any and all information. By requiring additional manual effort to share content only the most motivated would share it. Requiring actual humans to share content with other humans, if done in a robust way, might cut down on the ability of bots to automatically propagate content as though ‘real’ people were sharing it.
Categories
Links Writing

Om Malik on the Blog Post Bribe Scandal

He writes:

The chase for cheap page views to arbitrage against advertising dollars is the real reason everyone at this mega page view factories willingly embraced this trend towards free content, which in turn left the whole experiment open to abuse. If you generate a lot of page views for these sites, you aren’t going away, because, in the end, it is all about page views.

On my other, professional, site I regularly receive requests from marketers to publish their content for some sort of payment. Many are outlandish in their requests whereas others have clearly done their homework and identified a range of posts the given brand wants to be associated with.

Some of the payment rates or product offerings are outlandish, others churlish, but none of them have ever overcome my baseline position: I own my professional web presence in order to build my reputation and brand. That brand is worth more than a few hundred or thousand dollars; it represents, at least in part, my ability to earn money over the span of the coming decades.

While there’s been some comic back and forth about charging marketers tens or hundreds of thousands of dollars to post other parties’ branded content, I think there is legitimately something to the idea. If you view your web presence as a long-term part of your career, and damaging that presence could potentially cost you in terms of future employment opportunities or consulting prospects, then that kind of valuation starts to make some sense.

Categories
Writing

What’s On My Homescreen, December 2017 Edition

Screenshot of my iPhone 7 homescreen from December 2017
Screenshot of my iPhone 7 homescreen from December 2017

My homescreen is mostly divided between stuff that I want immediate access to on a very regular basis and one or two ‘testing’ applications (in terms of position on the homescreen and/or whether I like them as applications). Without further ado:

Photography (Folder): I play with a lot of different photo apps, though I tend to alternate between Darkroom and Snapseed a fair bit and rarely use Polar anymore. Slow Shutter is something I’m playing around with off and on, and ProCam was free.

Reminders: I don’t like the application but since I basically just use it for groceries I’m not willing to spend money for a ‘better’ app.

Notes: Much of my life exists in Notes.  I wish there was better support for markdown and would love tagging support. And it’d be great if Apple would fix the freezing bug that was introduced in iOS 11! But on the whole Notes plays well across all my Apple devices and the interface just gets out of the way.

Messages: Not my default means of communicating with people, in part because I try to avoid sending SMS messages as best I’m able for security reasons, but it’s a necessary evil in my life.

Phone: I take and make a lot of calls.

WhatsApp: My preferred method of communicating because it’s a cross-platform app (don’t need to know if someone is on an iPhone, Android, Blackberry, or whatever else) and encrypts voice-, video-, and text-based messages end-to-end. Still, it leaks some metadata and so, in some instances I use…

Signal: The best of consumer-available secure messaging app. Unlike WhatsApp, Signal keeps the bare minimum amount of information required to process communications.

Podcasts: I listen to silly numbers of Podcasts. I had problems with the application in iOS 9 but they seem to have been fixed in iOS 10/11. Importantly, the application syncs well across all the Apple devices that I own.

Hello Weather: I wish I could download and use Dark Sky but it’s not available in the Canadian App Store. Hello Weather pulls data from the same repository as Dark Sky so it’s as accurate, if not as pretty.

Day One: I’ve kept digital journals in one format or another for well over 15 or 16 years. I’ve been using Day One for a few years and love the interface.

Ulysses: I keep coming back to Ulysses even though I don’t derive any joy from using it. It’s certainly functional and lets me publish to my WordPress websites and I enjoy how it does markdown. But the interface is the definition of ‘meh’ for me.

Reeder: Too much of my time is spent in Reeder. I follow a lot of wonky websites and blogs, plus fashion, tech, culture, and more. So much to read and so little time!

Paprika: A relatively new application in my life, I’m seeing whether the application fits  into my life. Previously I was using the Notes app to keep track of recipes but that didn’t scale very well. My hope is that Paprika really does take over part of my life and make shopping that much more pleasant.

iBooks: For pleasure reading I only purchase digital copies through iBooks. I realize it’s a walled garden but I’ve long since made my peace with that.

Activity: I’ve tracked my baseline activity information for almost ten year and this app collects daily information from my Apple Watch. I use a separate application — Healthview — to study longer-term trends in my personal fitness and health.

Halide: The newest application in my life! Though I usually shoot with my mirrorless camera, sometimes it’s not convenient and so I whip out my iPhone. Halide gives me more control over what I’m shooting and I really appreciate the ability to turn on focus peaking.

Safari: Because I, too, browse the Internet.

Mail: It’s not the best of clients but it’s as bad as most. And the really good ones would force me to move my mail through additional third-parties, and I’m not willing to engage in that kind of activity.

Tweetbot: I use Twitter a lot and a large portion of my professional network is located there. But the official Twitter application is just horrible in my view, whereas Tweetbot gets out of my way and lets me just enjoy the content steaming by.

Music: I usually have music playing in the background if I’m not listening to a podcast.

Categories
Aside Links

(In)Security and Scruff

From The Verge:

Ashley: And then, you mentioned it in transit, do you store these on Scruff’s personal servers? When it’s on the server, is it encrypted? What kind of protections do you have on the server?

We take a number of steps to secure our network. Encryption is a multifaceted and multilayered question and process. Yeah, I can say that the technical architecture of Scruff is one that we have had very smart people look into. We’ve worked with security researchers and security experts to ensure that the data that’s on Scruff stays safe and that our members can use Scruff with confidence and know that their information isn’t going to be disclosed to unauthorized parties.

This is exactly the kind of answer that should set off alarm bells: the developer of Scruff doesn’t actually answer the specific and direction question about the company’s encryption policies in an equivalently direct and specific way. Maybe Scruff really does have strong security protocols in place but you certainly wouldn’t know that was the case based on the answer provided.

It’d be a great idea if someone were to develop the equivalent of the EFF’s or IX Maps’ scorecards, which evaluate the policies of digital and Internet companies, and apply it to online dating services. I wonder how well these services would actually fare when evaluated on their privacy and security and anti-harassment policies…

Categories
Photography

Just Parking

Photo made with Olympus E-M10ii and Olympus M.Zuiko Digital 17mm F1.8 in Kensington Market on September 17, 2017 in Toronto, Ontario. Edited in Apple Photos.

Categories
Links Writing

Privacy Enhancing Technologies – A Review of Tools and Techniques

From the Office of the Privacy Commissioner of Canada:

PETs are a category of technologies that have not previously been systematically studied by the Office of the Privacy Commissioner of Canada (OPC). As a result, there were some gaps in our knowledge of these tools and techniques. In order to begin to address these gaps, a more systematic study of these tools and techniques was undertaken, starting with a (non-exhaustive) review of the general types of privacy enhancing technologies available. This paper presents the results of that review.

While Privacy Enhancing Technologies (PETs) have been around for a long time there are only some which have really taken hold over time, and usually only as a result of there being a commercial incentive for companies to integrate the enhancements.

Some of the failures of PETs to be widely adopted have stemmed from the reasons specific PETs were created (to effectively forestall formal regulatory or legislative action), others because of their complexity (you shouldn’t need a graduate degree to configure your tools properly!), and yet others because the PETs in question were built by researchers and not intended for commercialization.

The OPC’s review of dominant types of PETs is good and probably represents the most current of reviews. But the specific categories of tools, types of risks, and reasons PETs have failed to really take hold have largely been the same for a decade. We need to move beyond research and theory and actually do something soon given that data is leaking faster and further than ever before, and the rate of leakage and dispersal is only increasing.

Categories
Aside

Migration: Accomplished

Since the summer I’ve managed to port over, and re-categorize, over a thousand posts from a previous personal blogging website (Quirks in Tech) that I hosted with Tumblr. While there’s still some stuff to do — fixing up the tagging structure as an example — I’m glad that the most laborious activity has come to an end!

Categories
Quotations

2017.12.3

This dark concept of total distrust was mostly spread via the Internet because it was what the Internet was built for—sharing ideas. Although the Internet is the most democratic means of communicating, it can be also be misused by governments and other groups.

Does this mean we should accept the concept that the Internet carries more threats than benefits?

The creators of the Internet supported the opposite concept. Unlike Putin, they believed in people and built the global network under the assumption that it would be used for sharing something good. They may look naïve these days, but we have our modern linked-up technological world thanks to their concepts, not Putin’s. These days, we all speak the language of suspicion and threats posed by the Internet. In a way, in means we are speaking Kremlin’s language. Do we really need to?

Andrei Soldatov, “Speaking the Kremlin’s language
Categories
Aside Links

The Problem of Botting on Instagram

Calder Wilson at Petapixels:

Instagram’s Terms of Use make it clear that botting is a no-no. Over the past couple of years the platform has implemented anti-spam/anti-bot restriction, which does things like prevent accounts from liking too many photos in a short amount of time or commenting the same thing again and again. It’s obvious they oppose using bots ideologically, and it’s very easy to determine who’s using them or not, so why don’t they do something about it?

For one thing, Instagram is killing it right now. Every time Facebook reports their financial earnings, they need to show robust growth in their flagship products; almost just as importantly, they need to show healthy engagement. Growth and engagement are the life forces of Facebook’s stock, and any decrease in either can send shares south.

Now, consider that my @canonbw account was liking over 30,000 photos every month along with thousands and thousands of comments. That doesn’t even include the activity generated from people responding and liking my images/following me in return. If I took every Instagram user I know in my life who doesn’t use a bot, it’s more than likely that my single account generated more “activity” than everyone else over the last year combined.

If we take into account the massive number of people botting everyday all around the world, the number of likes and comments are astronomical. It’s very unlikely that this huge engagement engine will ever be shut down by Facebook Inc. The relationship between Instagram and botters is seemingly symbiotic, but I argue that in the long run, Instagram suffers.

The problems linked with false engagements fuels the life of Facebook as a public company, while turning the actual product space into one that is as demoralizing as Facebook itself. A growing number of academic articles are finding correlations between Facebook use and depression, in part linked to how much content is liked. While Instagram use remains relatively strongly correlated with happiness, will this persist with the growing rise of bots?

Categories
Links

How to Debug Your Content Blocker for Privacy Protection

Via the EFF:

Millions of users are trying to protect their privacy from commercial tracking online, be it through their choice of browser, installation of ad and tracker blocking extensions, or use of a Virtual Private Network (VPN). This guide focuses on how to correctly configure the blocking extension in your browser to ensure that it’s giving you the privacy you expect. We believe that tools work best when you don’t have to go under the hood. While there is software which meets that criteria (and several are listed in the final section of the guide), the most popular ad blockers do not protect privacy by default and must be reconfigured. We’ll show you how.

Definitely a helpful guide to help you get the most out of your Ad/Tracker Blocker.

As a note: you don’t just want to block ads and trackers for privacy reasons (linked to being surveilled as you travel around the Internet) but also for security reasons: online ads are a vector for dropping malicious payloads and even the biggest networks are periodically affected.