Link

Links for December 7-11, 2020

  • Frustrating the state: Surveillance, public health, and the role of civil society || “…surveillance in times of crisis poses another threat. By granting states unfettered power through emergency orders, data collected through digital surveillance could be shared across agencies and used for purposes beyond the original intention of fighting COVID-19. In states where democratic backsliding has been underway, surveillance could be used to deter dissent and silence government critics. According to Verisk Maplecroft, a risk consultancy firm, Asia is now the highest risk region in both their “Right to Privacy” and “Freedom of Opinion and Expression” indices as “strongmen” in Asia capitalize on the pandemic.” // Surveillance is, almost by its nature, inequitable and the potential harms linked with pandemic surveillance are neither novel nor unforeseeable.
  • Rebecca Solnit: On not meeting nazis halfway || “… the truth is not some compromise halfway between the truth and the lie, the fact and the delusion, the scientists and the propagandists. And the ethical is not halfway between white supremacists and human rights activists, rapists and feminists, synagogue massacrists and Jews, xenophobes and immigrants, delusional transphobes and trans people. Who the hell wants unity with Nazis until and unless they stop being Nazis?”
  • Instagram’s latest middle finger || “…Instagram is now nearly completely unrecognizable from the app that I fell in love with. The feed of images is still key, but with posting now shoved into a corner, how long until that feed becomes a secondary part of the service?” // Cannot agree more.
  • The Epicenter // The storytelling for this piece on the experiences of the Covid-19 outbreak in poorer areas of New York by the NYT is simultaneously beautiful and heartbreaking.
  • Poor security at online proctoring company may have put student data at risk || “Kumar, CEO of Proctortrack’s parent company Verificient, says students have “valid concerns” and that he sympathizes with their discomfort. Proctoring software is “intrusive by nature” he says, but “if there’s no proctoring solution, institutions will have to totally change how they provide exams. Often you can’t do that given the time and limitations we have.”” // Justifying producing a gross product on the basis that if you didn’t other organizations would have to behave more ethically is a very curious, and weird, way of defending your company’s very existence.
  • China rethinking its role || “China’s use of war memory to shape its international position has been much less effective overseas than it has at home. However, the significance of its efforts is real, and may become more effective over time. China wants to create a global narrative around itself which shares a common understanding of the modern world – the idea that 1945 is the beginning of the current order – but places China at the heart of the creation and management of that order. The narrative had more power during an era when the US, anomalously, had a leader who cared little for the order shaped by America in Asia since 1945. Now that a president with a more long-range view of the role of the United States is about to take office, we may see something different again: two differing versions of what 1945 meant in Asia, as defined by Beijing and Washington – and the competition for moral standing that comes from the embrace of that legacy.” // This is a fascinating recounting of how China is re-interpreting activities undertaken by Nationalist forces during World War Two, today, to justify its efforts to be more assertive in the international order today. Like so much in China, understanding how narratives are built and their domestic and foreign rationales and perceived utility is critical to appreciate the country’s foreign policy ambitions, and those ambitions’ potentials and limitations.
Link

FFS SSL

FFS SSL:

I just set up SSL/TLS on my web site. Everything can be had via https://wingolog.org/, and things appear to work. However the process of transitioning even a simple web site to SSL is so clownshoes bad that it’s amazing anyone ever does it. So here’s an incomplete list of things that can go wrong when you set up TLS on a web site.

Now you start to add secure features to your web app, safe with the idea you have SSL. But better not forget to mark your cookies as secure, otherwise they could be leaked in the clear, and better not forget that your website might also be served over HTTP. And better check up on when your cert expires, and better have a plan for embedded browsers that don’t have useful feedback to the user about certificate status, and what about your CA’s audit trail, and better stay on top of the new developments in security! Did you read it? Did you read it? Did you read it?

It’s a wonder anything works. Indeed I wonder if anything does.

Without any doubt this is one of the better(?) rants about SSL/TLS that I’ve read recently. And given my own recent experiences in setting up SSL/TLS on another site I entirely empathize: it was a horrible experience that involved tracking down what was causing things to break, when they were breaking, and how to remedy them. It was a non-trivial learning experience and that was a very simple site. Large sites… well, I shudder to consider the work entailed in securing them.

(As a sidenote: yes, SSL/TLS is broken. But it adds friction to mass surveillance processes and at little cost to the visitor of websites/users of web services. It’s a pain for those delivering content, but that’s a pain that it’s arguably appropriate for those content providers to bear.)

Quote

The traditionally advocated uses for NFC have been to replace RFID chips in travel cards, such as the Oyster card in the UK, and RFID chips in credit cards, such as MasterCard’s PayPass.

The problem with these replacements is a simple one, however. Smartphone batteries run out. They do so with alarming regularity, and they do so at inopportune moments. I don’t care what phone you say you have, and I don’t care if you say it doesn’t happen to you, because it does. You end up staying out late, or you leave your charger at home by accident, or you just plain use the phone too much during the day, and then when you need the phone to work, it doesn’t because it’s out of juice.

The phone running out of power is bad enough when it means you don’t have maps and directions. That’s annoying. But even worse is the battery going flat when you need the phone for mass transit or paying for stuff.

And yet that’s precisely the value proposition that NFC offers: go out for a night on the town and get stranded with no money, no subway ride home. The only way to be safe is to take your credit card and travel card with you anyway, and if you’re doing that? Well you don’t exactly need NFC then, do you?

* Peter Bright, “Mobile World Congress is Mean Girls, and NFC isn’t going to happen”

Quote

…tablets have gotten so cheap that it’s hard to make a case that spending $500+ on a new Windows 8 machine is better than just keeping what you have and spending $200 on a cheap tablet. That goes double when the cheap tablet in question has hundreds of thousands more apps. Throw in an unfamiliar user interface, and you’re basically telling people to please leave the Microsoft Store.

* Pete Pachal, “The Problem With Windows 8”

Windows 8 has a new design paradigm; to find programs’ settings you must hover your cursor to the right of the screen. There is no indication that these settings panels exist.

The new paradigm can be contrasted against the ‘early’ Metro paradigm in Windows Phone. Under the ‘old’ paradigm ellipses are used to indicate additional options. The translation of Metro to the desktop – insofar as ellipses are being removed – strikes me as a poor decision for two reasons:

  1. It breaks Metro UI tenets that Windows Phone users have learned;
  2. The Mail settings aren’t linked with any OS-wide settings (so far as I can tell), which means that if you don’t figure out the ‘hover to the right’ paradigm you can spend considerable time getting frustrated trying to just add a new mail account.

There has to be some indication to users that additional information (i.e. the settings panel) exists or the settings should be accessible in multiple locations. Failure to accommodate these needs should be understood as design failures insofar as UI parsimony is damaging the overall UX.

I Like The Apps, But Not The Design

A new version of the iPad is coming. The latest ‘craze’ around this version is whether or not it will come with a home button. To date, there’s been one particularly strong ‘In Defence of the Home Button’ post by Dave Caolo, which is effectively a listing of all the functions that Apple has tied to the singular button at the bottom of each iDevice.

This button isn’t going anywhere. And that’s really unfortunate, because better – or at least equivalent – options are out there.

The PlayBook is seriously lacking on apps. SERIOUSLY LACKING. But the hardware design of the device is stunning. I don’t need to pay attention to what is up, down, left, or right because of how RIM has integrated the bezel functionality. For a quick overview of the bezel options, check out the video below:

This isn’t to say that the Playbook is a winner hands down. Apple’s home button is linked to a variety of accessibility options which are lacking on the Playbook. Also, Apple has a series of gestures that enable similar features as the Playbook, though I’m far less impressed at how they’re integrated. Because of how awkward these gestures tend to be, I tend to just use the home button, which can be incredibly inconvenient depending on the iPad’s orientation at the time.

My dream would be Apple getting creative and bringing the hardware design leadership of the Playbook to the app-rich iDevice environment. I’m not holding my breath though.