There are a lot of different security guides, but I think that in terms of trying to balance being comprehensive, accessible, and directly actionable, Zebra Crossing is amongst the better guides out there.
Who’s it for?
1. You use the internet on a day-to-day basis – for work, social media, financial transactions, etc.
2. You feel you could be doing more to ensure your digital safety and privacy, but you’re not in immediate danger. (If you are, seek out an expert for a one-on-one consult.)
3. You’re comfortable with technology. For example, you’re comfortable going into the settings section of your computer/smartphone.
How should it be used?
1. Recommendations have been sorted in ascending levels of difficulty. Start from level one and work your way up!
2. Everyone should follow the recommendations in levels one and two. They will protect you from the widely-used (yet simple) attacks. Going through them shouldn’t take more than 1-2 hours.
3. Level three is a bit more involved in terms of time and money and may not be 100% necessary. But if you’re worried at all and can afford to, we recommend going through that list too. Depending on the amount of digital housekeeping you have to do, it may take anywhere from an hour to an afternoon.
4. The scenarios listed after are for higher-stakes situations – scan them to see if any of them apply to you. (Because the stakes are higher, they assume that you’ve done everything in levels 1-3.)
Another great resource is Consumer Reports’ Security Planner. While it’s not designed to comprehensively guide you through upgrading your security profile, it is probably even better for helping individuals improve specific security practices.
To be clear, using a VPN doesn’t magically solve all these issues, it mitigates them. For example, if a site lacks sufficient HTTPS then there’s still the network segment between the VPN exit node and the site in question to contend with. It’s arguably the least risky segment of the network, but it’s still there. The effectiveness of black-holing DNS queries to known bad domains depends on the domain first being known to be bad. CyberSec is still going to do a much better job of that than your ISP, but it won’t be perfect. And privacy wise, a VPN doesn’t remove DNS or the ability to inspect SNI traffic, it simply removes that ability from your ISP and grants it to NordVPN instead. But then again, I’ve always said I’d much rather trust a reputable VPN to keep my traffic secure, private and not logged, especially one that’s been independently audited to that effect.
Something that security professionals are still not great at communicating – because we’re not asked to and because it’s harder for regular users to use the information – is that security is about adding friction that prevents adversaries from successfully exploiting whomever or whatever they’re targeting. Any such friction, however, can be overcome in the face of a sufficiently well-resourced attacker. But when you read most articles that talk about any given threat mitigation tool what is apparent is that the problems that are faced are systemic; while individuals can undertake some efforts to increase friction the crux of the problem is that individuals are operating in an almost inherently insecure environment.
Security is a community good and, as such, individuals can only do so much to protect themselves. But what’s more is that their individual efforts functionally represent a failing of the security community, and reveal the need for group efforts to reduce the threats faced by individuals every day when they use the Internet or Internet-connected systems. Sure, some VPNs are a good thing to help individuals but, ideally, these are technologies to be discarded in some distant future after groups of actors successfully have worked to mitigate the threats that lurk all around us. Until then, though, adopting a trusted VPN can be a very good idea if you can afford the costs linked to them.
Welcome to this edition of The Roundup! Enjoy the collection of interesting, informative, and entertaining links. Brew a fresh cup of coffee or grab yourself a drink, find a comfortable place, and relax.
I put together, and self-published, another photobook that is entitled “Pandemic Chronicles: Book I”. Each week that my city has been in (functional) lockdown, I’ve gone out once or twice and made images while just stretching my legs outside.
Over the past four months it’s often been hard to figure out how, exactly, I’ve been processing the life changes that have been imposed as a result of the pandemic. My life has, in many respects, reverted to that of my life during my PhD. So, lots of time inside and rarely leaving my home, and having considerably less social contact than normal.
I think that it’s through my photos that I can best appreciate how I’ve felt, in retrospect, and understand how those images reflect how I see the world. The book that I made isn’t particularly dark: it’s just…lonely. It showcases the city that I live in, without the people that make it the city that I love. It shows people living their lives, often alone or separate from others, or while engaging in “safe” behaviours. And, towards the end, it shows the light returning to Toronto, though in a format that differs from prior summers.
Photography has, and remains, a way for me to engage a creative part of my brain that otherwise would lie fallow. And, also, it’s operated as a meditative process that uncovers how I have been in the world, and how the world has been presented to me. As someone who has struggled with the idea of a “narrative” in image making, I think that this book is a breakthrough because it “says” something in aggregate that is more than just a presentation of visually pleasant images: it speaks to where I live, and how it has endured in the wake of the city’s closure. Is it the height of art? No. But it’s the closest I’ve come in this medium so far!
Inspiring Quotation
“Good” can be a stifling word, a word that makes you hesitate and stare at a blank page and second-guess yourself and throw stuff in the trash. What’s important is to get your hands moving and let the images come. Whether it’s good or bad is beside the point. Just make something.
(Photos included in “Pandemic Chronicles: Book I” by Christopher Parsons)
Music I’m Digging
This month has been packed with a lot of listening, with some alternative and R&B pretty tightly mixed in with hip hop. The best of what I listened to in June includes tracks from Yung Tory’s Rastar (including Mizu, Water Pt 2, and Netflix & Chill), Kali Uchis’s TO FEEL ALIVE (EP), HONNE’s no song without you (Single), and 6LACK’s 6pc Hot (EP).
Neat Podcast Episodes
I’ve been listening to a pair of new podcast shows over the past month that I’d recommend. From the CBC, there’s This Is Not A Drake Podcast, which uses Drake as a way to talk more about the history of rap and hip hop. So far I’ve really appreciated the episode on mixtapes, as well as the connotations of Nice Guy rappers.
Very differently, I’ve also been listening to the Globe and Mail’s series, Stress Test, which is about money issues facing millennials in the time of Covid. The episodes haven’t been staggeringly brilliant (a lot of the advice is pretty time tested) but the caution and suggestions are all helpful reminders.
Good Reads
Reflections from an “Accidental” Mentor // Prof. McNamara’s discussion of what it means to be a mentor – first and foremost modelling who we are, as individuals, rather than fitting within a particular narrow category of who we are normatively expected to be – is good advice, and important if we are to expand what is “normal” within academia. She also focuses on celebrating the commonality across scholars; we’re all nerds, at heart, and so should focus on those attributes to create community. I agree, but for myself it’s more than that: it’s also about ensuring that the structures of professional environments are re-articulated to enable more junior persons to experience their jobs and professions in ways that weren’t possible, previously. It’s not just about focusing on commonality but, also, assessing baseline principles and values and ensuring that they conform in theory and practice with welcoming, creative, equitable, and inclusive environments. And, finally, it’s about accepting and making clear that as mentors we are fallible and human, and creating workspaces where others can also betray these inherently human (and humanizing) characteristics.
Jon Stewart Is Back to Weigh In // Jon Stewart’s comments throughout this interview are worth the read; his assessment of the problems of contemporary political media – centred around the “need” for content to fuel a 24/7 media environment – as well as for the media to engage in structural assessment of practices, are on point. Similarly, his discussion of the nature of racism in American society (but, also, Canada) strikes to the heart of things: even if someone isn’t deliberately malicious in deed or thought, they are conditioned by the structures of society and power in which they live their lives. And those very structures are, themselves, racist in their origin and contemporary design.
Hacking Security // Goerzen and Coleman do a terrific job in unpacking the history of what is secured by computer security experts, and why certain things are within or outside of bounds for securing. Critically, while experts may be involved in protecting “assets” or combatting “abuse”, where threats to assets or abuse arise from the underlying profit mechanisms associated with large technology companies, those mechanisms are seen as outside of bounds for security teams to engage with. Similarly, the failure of security teams to consider, or address, “political” issues such as abusive speech, harmful video content, or propagation of racist or white supremacist content all showcase the need to critically interrogate what is, and isn’t, made secure, and to expand security teams by adding social scientists and humanities scholars: technology is political, and we need security teams to have members who are trained and competent to consider those politics.
Once Safer Than Gold, Canadian Real Estate Braces for Reckoning // Canadians have been doubling down on their debt-loads for over a decade to the point, today, that on average Canadians owe north of $1.76 per $1.00 of income, with that number rising in the country’s largest cities. Housing is particularly vulnerable and, if it is destabilized, can be devastating to the Canadian economy more broadly given that it accounts for around 15% of GDP; slowdowns in housing will delay the revival of the Canadian economy, while simultaneously threatening the ability of Canadians to stay in their homes – now – or retain their savings to invest for their retirements – in the future. If anything good comes of this, maybe it will be a reminder that allocating the majority of your savings into a single asset is, indeed, not a good long-term investment solution which could have knock on effects if investors decide they want to move to their next bubble, and let the housing bubble deflate as gracefully as possible.
You Want a Confederate Monument? My Body Is a Confederate Monument // “I have rape-coloured skin.” Not only is this perhaps the most poignant lede I’ve come across in an opinion piece in years, it also sets the stakes for the Williams’ article; the very skin of many Americans (and Canadians) is a testament to violent and racist actions taken against women who were forced from their homes to live as slaves. That testament continues, today, and not just in the monuments that were established in the Jim Crow era to deliberately attempt to continue subjugating Black persons, but in the very skin inhabited by the grandchildren and great-grandchildren of enslaved people.
Vladimir Putin’s war of fog: How the Russian President used deceit, propaganda and violence to reshape global politics // I take issue with some of MacKinnon’s choice of language in the first ¼ of the article – he suggests that truth is substantively confused and that Putin’s tactics are more successful than I think are appropriate to concede – but beyond that he’s done a masterful job in creating an overview of who Putin is, what he’s done, and how he’s come to (and held onto) power. If you’re a long-time Russia watcher you may dispute where MacKinnon puts some of his emphasis, or in his assessment of some events, but I don’t think that you can deny that this is a helpful article that provides the broad contours of Putin’s life and career. And, after having read it, it will hopefully inspire people to learn more of the financial, military, or other scandals that have happened throughout Putin’s leadership of Russia.
Cool Things
iPad OS + Magic Trackpad 2 // Lots of people already have figured this out but…the new version of iPad OS + a Magic Trackpad 2 and a keyboard is a really, really compelling combination. I’ve been using this as my writing and work system for a little while and it continues to prove to me how robust the iPad actually is, and how many of the pain points have been, or are being, ground away with each version of the operating system. That said, some of the gestures are very, very opaque – in particular those associated with the slide over window – and so you may want to review how, exactly, those gestures really work to get the most out of the process (and not get frustrated when certain windows just won’t go away!)
Welcome to this edition of The Roundup! Enjoy the collection of interesting, informative, and entertaining links. Brew a fresh cup of coffee or grab yourself a drink, find a comfortable place, and relax.
I’m in the process of determining what new camera I want to buy, principally to replace my aging Sony rx100ii. That camera was bought in used condition, and has been to four continents and taken approximately 20K shots. It’s been dropped, frozen, and overheated. And even gotten a little damp from salt air! It owes me little and still produces solid (black and white) images: it seems that in my abuse I did something to the sensor, which means colour images sometimes just turn out absolutely wacky.
So what do I want versus what do I need? I know from my stats that I prefer shooting between 50mm-100mm equivalent. I know that I want a fast lens for the night.1 I don’t take action shots so I don’t need the newer Sony cameras’ tracking magic. I don’t want anything bigger than the Sony – its size is a killer feature because I can always carry it around – but definitely want a pop up viewfinder and a 90 degree tilt screen. I don’t want another interchangeable system: my Olympus kit has me covered on that front.
What do I want? I’d love to have easy access to an exposure dial. An internal ND filter would be super great. Some in-body image stabilization would also be stellar, and if I could squeeze in the ability to charge from a USB battery pack while keeping prices under $1,000 that would be perfect. Oh, and something better than Sony’s pretty terrible menu interface!
What don’t I need? Any more than 20MP, actual waterproofing2, a big body or permanent viewfinder, an APS-C sensor, audio-in features, dual SD card slots, or crazy fast tracking.
This currently means I’m very interested in some of the older Sony rx100 cameras – namely the iii and iv – and maybe the new Canon G5Xii. I know my actual photographic outputs are, in order, Instagram, my TV, photos on my wall (no larger than 24×36"), and then photo books. I know a 1" sensor is more than enough for all of those uses. Now I just need to see how the Canon’s reviews shake out, the cost of them, and then evaluate the differential between Canon’s and Sony’s cameras!
Inspiring Quotation
Taking pictures is savouring life intensely, every hundredth of a second.
Marc Riboud
Great Photography Shots
I have a set of abstract photos that I’ve taken over the years and, to date, while I appreciate them they aren’t ones that I’ve decided to print or routinely display. Still, several of the below abstracts (taken on smartphones) are inspiring just to look at and think about the process of developing the respective compositions.
(“Last ices of the winter” by @paulenovemb)
(“Untitled” by @lisalam628)
(“Villa Savoye by Le Corbusier” by @bazillus)
(“Untitled” by @reneetakespics)
Music I’m Digging
Goldlink – Diaspora // Goldlink’s album is a terrific summer album: lots of pop notes with a taste of Caribbean beats and good mix between somewhat gravelly male and ethereal female voices. It’s been a lot of fun to listen to while writing or reading, working out, or just doing chores around home.
Machine Gun Kelly – Hotel Diablo // I’m still trying to really get a handle on what I think of this album, but I’ve definitely listened to it a lot over the past week or two. I think I’m appreciating it principally for its nostalgic value: it has lots of beats and sounds from late-90s/early-00s nu-metal and rap. So I don’t think that it’s “quality” per se, but definitely speaks to my younger self.
Neat Podcast Episodes
Lawfare – Jack Goldsmith Talks to Former Secretary of Defense Ash Carter // To begin: I’m never a huge fan of a Secretary of Defense who is a strong advocate for war, and Ash Carter is definitely that class of Secretary. However, he provides a superb view of the entirety of the Defense Department and what goes into running it, as well as the baseline challenges of both engaging in offensive cyber operations as well as the role(s) of legal counsel in developing military operations. If you want an insider’s view of the different layers of the Pentagon, and how the institution has developed over the past few decades, then this is a great episode to listen to.
Frontburner – What did Canadian peacekeepers accomplish in Mali? // Richard Poplak has a no-nonsense, direct, discussion with Michelle Shephard of just how little value Canada derived from its half-billion dollar peacekeeping commitment to Mali. At least part of that failure is linked to how Canada’s foreign policy had to be entirely recalculated to deal with Donald Trump when he was elected President but certainly everything cannot be laid at Trump’s feet.
The Secret History of the Future – Meat and Potatoes // I have to admit, I never really thought about how important potatoes were to the Europeans in establishing a reliable source of caloric intake, nor how you could connect the potato with contemporary efforts to find new foods to both feed the contemporary world and save the environment at the same time. If you want to think a bit more about the source of your food, today, and what it might mean for your food, tomorrow, then this is a solid episode to sink your…ears?…into.
The Secret History of the Future – Infinite Scroll // Proving once more that everything new is really just the old reborn, Slate examines how Renaissance scholars were entirely overwhelmed by information and had pretty well the exact same issues with information, then, as contemporary societies do with the growth of the Internet and rapid spread of information. It’s interesting to hear how scholars and the public fought against things like indices, tables of contents, and reviews of books; similarly, today, we hear people push back against any and all efforts to summarize, synthesize, or distil books, articles, and (even) podcasts. The commonality between the arguments of yore and today are largely identical, which speaks to how important it is to take history into account when evaluating the travails of the contemporary era.
Lawfare – Jonna Mendez on “The Moscow Rules” // Ever been curious about the different tricks that were used by CIA case officers in Moscow during the height of the Cold War? Then this is the episode for you! Mendez, a former CIA officer, recounts the various techniques, technologies, and troubles that the agency developed and overcame in the process of engaging in espionage against the most equally matched adversary in the world on their home turf. Though mentioned somewhat sparingly, there are lessons to be gained from the stories she recounts from her time in the Cold War, including the very real value (at the time, for the USA) of obtaining military technology secrets well in advance of the technologies entering production: with these secrets in hand, as an example, the USA successfully built in countermeasures to Soviet radar systems. Today, you can imagine how the Chinese government’s theft of American and other allies’ military secrets may similarly position that government to develop countermeasures much, much faster than otherwise expected.
Good Reads
“Orientalism,” Then and Now // Shatz’ review of Said’s Orientalism and application of its key insights to the geopolitical changes in how the Other is conceived of – as now a threat, not because it is external and to be created through our knowledge of it, but because it is within us and is changing “Us” – presents a stark view on the era of racism, fascism, and ignorance today. Whereas the orientalism that Said focused on was, principally, that linked to elite power-knowledge constructions that served the West’s practices of colonization, today’s is born of a deliberate lack of expertise and knowledge. Whereas the past cast the Other as external and a threat, today the Other is within and consequently domestic politics is the focus of elites’ aggressions. While Shatz is hesitant to assert that the end is nigh, his hopefulness towards the end of the essay is perhaps not as hopeful as he imagines: there are, indeed, efforts to defray, mitigate, and prevent the contemporary situations of hardened and violent orientalism. But despite the power and influence of art it remains unclear to me how effective these cultural acts of resistance genuinely are against a structural practice of aggression, harm, and ignorance.
Congress Will Ignore Trump’s Foreign Affairs Budget Request. Others Will Not. // Both chambers of the US legislature are opposed to the significant cuts that the Trump administration has sought in its budget appropriations. However, the signals sent by the administration have meant, internal to the State department, that staff resistant to democracy promotion have enjoyed enhanced status and positions in pushing back against attempts to preach American values abroad and who are, instead, advancing the transactionalist style of politics favoured by the current administration. Simultaneously, autocratic leaders abroad have taken the administration’s stance as a signal that their activities are not going to be denounced, or strongly opposed, and sometimes even supported, by the American government. While all of these signals may change following the next presidential election (though perhaps not!), the denigration of the State department is not something that can be remedied by electing a new president: it will take decades to rebuild trust, restrengthen ties, and hire and train new staff. The long term effects of the Trump administration will be felt throughout the world for a very, very long time regardless of whether he is currently in the White House.
Doug Ford’s Legal Aid Guarantee // This quotation from Spratt’s assessment of the Ontario government’s cuts to legal aid speaks volumes: “Unrepresented accused are also more likely to be steamrolled in our courts. You see, our justice system is adversarial and only functions if the adversaries – the prosecution and the defense – are equally matched. An impoverished, marginalized, or unsophisticated self-represented litigant stands no chance against the well-funded state. With odds stacked against them, many unrepresented accused are coerced into pleading guilty, even when they are not. Because of Ford, there will be more wrongful convictions.” Worse, given that legal aid is being cut to assist in bail hearing, more accused will simply plea out so that they can go home and work the jobs they have to try and survive; losing the job they have could have catastrophic consequences, as could being unable to get home to care for their young family members. Ford’s cuts won’t save money in the short term and will almost certainly lead to increased court time and costs, and remuneration to those improperly convicted, going decades into the future.
The Future of the City Doesn’t Have to be Childless // I fundamentally agree with the premise of the article written by Love and Vey. Cities are very much being designed without families – or, at least, middle and lower class – families in mind. I agree that parks and other amenities are needed, as are spaces to facilitate youth development and lower income housing. But that isn’t enough: housing has become an investment space, where hundreds or thousands of properties are traded in an instant by holding companies, and where developers are building for investors rather than residents. We need to correct the market by pushing market forces out of housing development: rental buildings need to be prioritized for development, and developers of high rise condos obligated to pay significant fees to foster inclusive social properties around their buildings. Doing anything less just picks around the edges of the catastrophes propagated by the market in urban environments.
The Future of Photography // I keep thinking about what kinds of cameras I want, and why, and whether I really need them given the technical characteristics of contemporary cameras. I think that this post significantly, though not quite entirely, captures my current thinking when its author writes: “Today all modern cameras give you an image quality that is good enough even for the most demanding applications, in fact most of us will never use their full potential. What we usually do is to make a photo book now and then but most of the time the pictures will be displayed on the internet or on our TVs. So the ever increasing resolution makes no sense anymore. If your camera has 24MP you trow away 66% of the pixels in case you display them on a 4K TV in case you use them for the internet it is 90% or more. If you change to a 61MP camera you just trow (sic) away more pixels. … I think the real key is to offer a satisfying shooting experience so that you just want to take out your camera to take some pictures. A nicely handling camera with a good shutter sound and solid lenses with a real aperture ring is all it takes. That’s why I think Fuji has grown so popular.” The only thing I’d add is this: I really, really like flip out screens and the ability to see what I’m shooting in the bright sun through a view finder.
Why we fight for crypto // Robert Graham has a good and high-level assessment of why calls by the US government to undermine the security provided by contemporary cryptography are wrongheaded. Worth the read to recall why all the current Attorney General’s calls, if adopted, would endanger individuals and society, and constitute irresponsible policy proposals that are not supported by an evidentiary record of requiring such modifications to cryptography.
If anything, what [Bytes, Bombs and Spies] points out is how little value you can get from traditional political-science terms and concepts. Escalatory ladder makes little sense with a domain where a half-decade of battlefield preparation and pre-placement are required for attacks, where attacks have a more nebulous connection to effect, deniability is a dominant characteristic, and where intelligence gathering and kinetic effect require the same access and where emergent behavior during offensive operations happens far beyond human reaction time.
Nothing quite like starting the day by refreshing a password that was apparently compromised, and then trying to determine where/how the operators might have obtained the login credentials in the first place. Still, props to Google’s AI systems for detecting the aberrant login attempt and blocking it, as well as for password managers which make having unique login credentials for every service so easy to manage/replace.
Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon
Rating: ⭐⭐⭐⭐⭐
Zetter’s book engages in a heroic effort to summarize, describe, and explain the significance of the NSA’s and Israel’s first “cyber weapon”, named Stuxnet. This piece of malware was used to disrupt the production of nuclear material in Iran as part of broader covert efforts to delimit the country’s ability to construct a nuclear weapon.
Multiple versions of Stuxnet were created, as were a series of complementary or derivative malware species with names such as Duqu and Flame. In all cases the malware was unusually sophisticated and relied on chains of exploits or novel techniques that advanced certain capabilities from academic theory to implementable practice. The reliance on zero-day vulnerabilities, or those for which no patches are available, combined with deliberate efforts to subvert the Windows Update system as well as use fraudulently signed digital certificates, bears the hallmarks of developers being willing to compromise global security for the sake of a specific American-Israeli malware campaign. In effect, the decision to leave the world’s computers vulnerable to the exploits used in the creation of Stuxnet demonstrates that offence was prioritized over defence by the respective governments and their signals intelligence agencies which authored the malware.
The book regales the reader with any number of politically sensitive tidbits of information: the CIA was responsible for providing some information on Iran’s nuclear ambitions to the IAEA, Russian antivirus researchers were monitored by Israeli (and perhaps other nations’) spies, historically the CIA and renowned physicists planted false stories in Nature, the formal recognition of cyberspace as the fifth domain of battle in 2010 was merely formal recognition of work that had been ongoing for a decade prior, the shift to a wildly propagating version of Stuxnet likely followed after close access operations were no longer possible and the flagrancy of the propagation was likely an error, amongst many other bits of information.
Zetter spends a significant amount of time unpacking the ways in which the United States government determines if a vulnerability should be secretly retained for government use as part of a vulnerabilities equities process. Representatives from the Department of Homeland Security who were quoted in the book noted that they had never received information from the National Security Agency of a vulnerability and, moreover, that in cases where the Agency was already exploiting a reported vulnerability it was unlikely that disclosure would happen after entering the vulnerability into the equities process. As noted by any number of people in the course of the book, the failure by the United States (and other Western governments) to clearly explain their vulnerabilities disclosure processes, or the manners in which they would respond to a cyber attack, leaves unsettled the norms of digital security as well as leaves unanswered the norms and policies concerning when (and how) a state will respond to cyber attacks. To date these issues remain as murky as when the book was published in 2014.
The Countdown to Zero Day, in many respects, serves to collate a large volume of information that has otherwise existed in the public sphere. It draws in interviews, past technical and policy reports, and a vast quantity of news reports. But more than just collating materials it also explains the meanings of them, draws links between them that had not previously been made in such clear or straightforward fashions, and explains the broader implications of the United States’ and Israel’s actions. Further, the details of the book render (more) transparent how anti-virus companies and malware researchers conduct their work, as well as the threats to that work in an era when a piece of malware could be used by a criminal enterprise or a major nation-state actor with a habit of proactively working to silence researchers. The book remains an important landmark in the history of security journalism, cybersecurity, and the politics of cybersecurity. I would heartily recommend it to a layperson and expert alike.
If those responsible for security believe that the law does not give them enough power to protect security effectively, they must try to persuade the law-makers, Parliament and the provincial legislatures, to change the law. They must not take the law into their own hands. This is a requirement of a liberal society.
Canada, Commission of Inquiry Concerning Certain Activities of the Royal Canadian Mounted Police, Second Report: Freedom and Security Under the Law, vol 1, Part II (Ottawa: Privy Council Office, 1981) at 45.
I shifted over to this domain name, and WordPress environment, a little over eight months ago. In addition to moving multiple years of content I also committed to at least one post a week, though ideally I would post many more than that!
I’ve been largely successful with meeting those goals. As such, I’ve been able to maintain a regular personal writing habit. It’s also meant I’ve locked down some of my ruminations and thoughts so that I can reflect on them later on down the line.
However, there are some things that I’m not entirely happy with. First, I’ve been privately writing small “reviews” of books and movies but haven’t gotten around to posting them here. Part of that is wanting to do them “well” and the other reason is that I’m trying to decide if I should have posts and then a master page that links to the posts, or just posts, or just a page. But expect that to be figured out pretty soon.1 I also really like the idea of putting up a gear/software list of things that I routinely use, and want to steal an idea from a friend of mine who posts the podcasts that she’s really into at any given time. And I want to put some thought into developing a public blogroll, likely based on the RSS feeds that I consume, though I admit that I’m not entirely sure of the utility of blogrolls in this day and age.
The reason for contemplating these changes to some of the content and structure? Mostly because I think I can move more of my writing to this location; there’ve only been a few times that I thought I was getting too “close” to mimicking the work on my professional web presence or private journal, and even then the tone was sufficiently different that it belonged here as opposed to those other locations. But I’m also motivated to modify some of the content here because I want what I write to be interesting and useful for other people; I often find that bloggers’ reviews and insights about the things they use are the only way that I discover the existence of certain tools, products, workflows, and cultural items. So I want to give back to others, just as they have freely given to me and everyone else who visits (or has visited) their sites.
I spent some time this week writing about a recent proposal to significantly weaken the security of the devices we carry with us on a daily basis. In short, I think that the proposal:
doesn’t address the real technical or policy problems associated with developing a global backdoor system to our most personal electronic devices. Specifically the architect of the solution overestimates the existent security characteristics of contemporary devices, overestimates the ability of companies to successfully manage a sophisticated and globe-spanning key management system, fails to address international policy issues about why other governments couldn’t or wouldn’t demand similar kinds of access (think Russia, China, Iran, etc), fails to contemplate an adequate key revocation system, and fails to adequately explain why the exceptional access system he envisions is genuinely needed.
Device security, and especially efforts to weaken it, fundamentally raises technical and policy issues. Neither type of issue can be entirely divorced from the other, and it’s important to recognize that the policy issues are both domestic and international; failing to address them both, at the same time, means that any proposal will almost certainly have terminal weaknesses.
Inspiring Quotation of the Week
“Do not let anything that happens in life be important enough that you’re willing to close your heart over it.”
Earlier this year, I suggested that the current concerns around Facebook data being accessed by unauthorized third parties wouldn’t result in users leaving the social network in droves. Not just because people would be disinclined to actually leave the social network but because so many services use Facebook.
Specifically, one of the points that I raised was:
3. Facebook is required to log into a lot of third party services. I’m thinking of services from my barber to Tinder. Deleting Facebook means it’s a lot harder to get a haircut and impossible to use something like Tinder.
At least one company, Bumble, is changing its profile confirmation methods: whereas previously all Bumble users linked their Facebook information to their Bumble account for account identification, the company is now developing their own verification system. Should a significant number of companies end up following Bumble’s model then this could have a significant impact on Facebook’s popularity, as some of the “stickiness” of the service would be diminished.1
I think that people moving away from Facebook is a good thing. But it’s important to recognize that the company doesn’t just provide social connectivity: Facebook has also made it easier for businesses to secure login credentials and (in other cases) “verify” identity.2 In effect one of the trickiest parts of onboarding customers has been done by a third party that was well resourced to both collect and secure the data from formal data breaches. As smaller companies assume these responsibilities, without the equivalent to Facebook’s security staff, they are going to have to get very good, very fast, at protecting their customers’ information from data breaches. While it’s certainly not impossible for smaller companies to rise to the challenge, it won’t be a cost-free endeavour, either.
It will be interesting to see if more companies move over to Bumble’s approach or if, instead, businesses and consumers alike merely shake their heads angrily at Facebook and continue to use the service despite its failings. For what it’s worth, I continue to think that people will just shake their heads angrily and little will actually come of the Cambridge Analytica story in terms of affecting the behaviours and desires of most Facebook users, unless there are continued rapid and sustained violations of Facebook users’ trust. But hope springs eternal and so I genuinely do hope that people shift away from Facebook and towards more open, self-owned, and interesting communications and networking platforms.
Thoughtful Quotation of the Week
The brands themselves aren’t the problem, though: we all need some stuff, so we rely on brands to create the things we need. The problem arises when we feel external pressure to acquire as if new trinkets are a shortcut to a more complete life. That external pressure shouldn’t be a sign to consume. If anything, it’s a sign to pause and ask, “Who am I buying this for?”