Self Hosting

I was an early adopter on Pinterest. I liked the service myself, not because I was looking for more social media, but because it allows me to aggregate links and sort them visually. I’m one of those people who navigate by landmarks, so having a visual cue reminds me which link goes to which article.

The problem is that the owners of Pinterest have been working to “improve” the site, often making it harder to use. Primarily adding more bells and whistles — that use more of my computers resources (internal memory). This makes it virtually impossible to use on my little underpowered netbook. (I can only have about 3 browser tabs open before it locks up.) So I usually do research on my big and powerful desktop computer, and the aggregate the links in Pinterest. I have an extensive link library I began to compile there during last years NaNoWriMo when I began my historical novel.

The problem is, Pinterest has recently crippled the service to anyone not signed in. This means I can’t just look at the site to find the link to the material I need, I have to sign in — and use more memory than I can afford — to access this. This is a huge problem for my own use of my own “pins.” But as someone who wants to share links to my own content, this means only people willing to sign in to Pinterest will be able to access my content.  That’s a problem.  I won’t be sharing Pinterest links anymore.

People concerned about personal privacy call that a registration wall. That’s a big part of why I stopped using Smashwords. I couldn’t use it for the purpose many authors use it — to give out free copies of ebooks — but if people have to pay Smashwords in personal information, the eBooks are not free at all. (Now I email review copies of ePubs, or people can anonymously download from TUEBL.)

And of course, there is Imgfave, another service that allows me to do much the same thing– without needing to be signed in to access my own (or anyone else’s) content.  So that will do.

Who’s The Boss?

When we use someone else’s website, they get to make the rules, and we have to follow them. They can change how the site works, or what users are allowed to do, whenever they like. If we don’t like it, all we can really do is leave. (See: MySpace)

Pinterest is not alone in retaining control over how it chooses to allow us to use its website. The same is true of every other website that “generously” allows users to aggregate content or create content for its own greater glory (and profit). All we have to do is pay them in personal information and trust the faceless people making decisions not to change it to make it unusable for us.

Off the top of my head (but by no means an exhaustive list) web platforms that control your data can includes: Twitter, Facebook, G+, Pinterest, Imgfave, Instagram, dropbox, ScribD, NaNoWriMo, LibraryThing, GoodReads, MySpace, LinkedIn, DeviantArt, Imgur, Flickr, YouTube, Livestream, Wattpad, blogspot, WordPress.com, Tumblr, Livejournal etc.

DIY

whatsinsideIf you want to control your own data, you need to host it yourself. And that certainly will sound like a scary proposition. But is it any scarier that ripping up that carpet and replacing it with the tiles you want instead? We have no qualms about Do-It-Yourself projects in the physical world, it is not so much different in a digital world. Probably the biggest difference is that there are sure to be many more how-to videos on You-Tube for doing digital DIY. You can very often talk to actual people who made the software you need online via Twitter or through email. (Ever tried to ask Facebook a question?)

blogging

I know WordPress software is licensed to share, so you can download it to your own computer and host your own blog yourself, on your own computer. It is so easy lots of small businesses do this. WordPress even allows you to port your blog hosted on its free site to your own computer any time you like.

(Which is a great way to make backups… not because I don’t trust WordPress to do so, but because like any corporate service provider, it may be compelled to remove some or all of your content on receipt of a DMCA notice (a legal process that merely requires an accusation of copyright infringement… no proof needed). If your original work is taken down in this way, you will need to prove yourself innocent and then upload your content again. Backups are always a good idea because digital data is fragile. I am not certain but I think you can host your own Tumblr as well.

social media

If you are more interested in social media than blogging, there are a growing number of self hosting alternatives out there. If you like Facebook you might want to look at Friendica or Diaspora, if you like Twitter, you can host your own GNUsocial or StatusNet instance in the Fediverse.  If you just want to be free of Twitter censorship, you can sign up for an account hosted by individual people, and there are a couple of big co-ops like Quitter and Gnusocial.de.

private browsing

I don’t know about you, but I don’t actually trust Google’s “private” browser to be private. And of course if you want more freedom from being tracked, you might want to use Duckduckgo or StartPage or Ixquick to do your web searches…

The only way to be private online is by using encryption (and even then you need to follow best practices). LONG passwords are more secure than a clever one that is difficult to type or remember.)

If you want to be secure, for email use PGP (stands for “Pretty Good Privacy”) the best (free) software; and for everything else, use TOR (TOR project). Great resources can be found at KW Crypto

And of course, you have the same problems if you use software that you don’t actually own… so Free Software is the way to go.

 

[Note: normally I would link everything but I simply don’t have time just now.  Maybe later.]

Privacy = Security

Do you use the Internet? Then you need to see “Stop Watching Us”

Stop Watching Us

is a website that allows American citizens to demand an end to mass suspicionless surveillance.

Citizens of other nations need to demand the same of our own governments, and that our governments withdraw from participation and/or complicity in mass suspicionless surveillance of its own citizens.

In Canada we can call on our MP to stand against costly online spying

You can read the International Principles on the Application of Human Rights to Communications Surveillance in 30 languages (and people in other countries can find resources) at https://necessaryandproportionate.org

Phishing: Catch of the Day

Don't get Hooked! (cc by laurelrusswurm)Unlike the Nigerian Scams that try to con people out of money by dangling a large mysterious financial windfall that the grifter will send after you give them a wad of cash, a “Phishing” attack uses bait to hook people, so they can get your personal information for Identity Fraud.

One things you can do to protect yourself when getting email that looks legitimate but that asks you to do something you shouldn’t ~ like giving personal information to a stranger ~ is to hover your cursor over the link you are supposed to click. If the text of the link is different than the actual link, don’t do it.

Phishing attacks pretend to come from someone we trust.  In Canada we pay our taxes to the Canada Revenue Service, so when a Canadian gets an email from them we pay attention.  Thiis is a phishing email I received that pretends to be from CRA:

*Claim Your Tax Refund Online*
We identified an error in the calculation of your tax from the last payment, amounting to $ 146.00.  In order for us to return the excess payment, you need to create a Tax Gateway account after which the funds will be credited to your specified bank account.

Please click “Get Started” below to claim your refund:

Get Started <http://www.cunningruse.com/.tax/>

We are here to ensure the correct tax is paid at the right time, whether this relates to payment of taxes received by the department or entitlement to benefits paid.

An email from the Canada Revenue Agency is likely to make us a little nervous, because most of us will wonder what we have done wrong on our tax return.  But when we read this, we discover it isn’t anything terrible, but an error in our favor which brings welcome relief.  The amount owing isn’t big enough to look fishy, just a small correction.

The crooks who sent this hope our little bit of fear followed by relief will cloud our judgement, so we will click on the link that will take us to a place where they can extract our personal information.  After all, we will be giving the information to the government.

The “Get Started” link actually will send you to a different web page… which hovering reveals leads to www Cunning Ruse dot com.

If your bank, or the government, or any reputable retailer wants your personal information, they will not ask for it through email, because email is not safe, private or secure. Anyone who asks for your personal information in unencrypted email is either foolish or a setting you up for a scam.

Don’t do it.  Privacy Matters.

Bullies

Tonight I was listening to a terrific song, and so I posted it to the Fediverse group !Listening, one of the first groups I joined on Identica in 2009. Way back then, I was told the proper netiquette when announcing the name of the song you are listening to is to link to the song. That way anyone who was curious can listen to the song as well.

I discovered Ranee Lee when I bought a couple of albums from her at the Uptown Waterloo Jazz Festival last year. She was amazing. Sadly, her music isn’t released under a free culture license, so when I went looking for a link my options were limited. I tried a few of the links that offered the song, but was unable to play it on any of them.

This might be because I use Free Software and so don’t have Adobe Flash installed, or maybe because I use NoScript, Ad Block and Ghostery for security. The only link I could get to play the song was the one on Amazon. I don’t link to sites that only give partial song previews, but this was the only website where the song would play. So I posted:

!Listening to Ranee Lee “When A Woman Loves A Man” http://ur1.ca/g05sq !amwriting !NaNo

I was surprised to find myself attacked for posting this. This is not the first time I have been attacked online by someone who I hadn’t realized was an enemy.

what was the attack?

I don’t understand why someone who claims to care about privacy would link to amazon.

It doesn’t look like much of an attack, does it? But that’s the point. It almost sounds reasonable.

Until you look at the language.

The phrase “someone who claims” implies that the claim is dishonest.

By taking a step further, saying “someone who claims to care about privacy” he passes judgement. This is a statement that I am lying about what I care about.

“I don’t understand why someone who claims to care about privacy would link to amazon” says that because I posted a link to amazon I must be lying about caring about privacy. It is an attack, all right.

What did I do wrong?

WWII war propaganda - quiet

Perhaps I shouldn’t have used a URL shortener.

Maybe I shouldn’t have posted at all?

But it isn’t as if I posted the link to the !Privacy group.

But it isn’t what I did at all, really.

On the basis of one link, he has cast aspersions on anything and everything I have said about privacy online. He also maligns my personal credibility.

What gives him the right to tell me what I care about?

He has no more right to decide what I care about than I have the right to decide what his favourite colour is, or what hand he writes with.  He is entitled to disagree with my choices but certainly doesn’t have the right to use them as the basis of an ad hominem attack.

Privacy is a huge issue, and trying to maintain privacy online is not an easy thing to do. We are assailed on all sides. Certainly amazon has issues, but pretty nearly every website on the Internet has issues.  Particularly now that the Snowden revelations have made it clear that the Internet is under surveillance 24/7

Everything we do on the Internet has a cost in privacy.

Even before we heard about Prism, someone I know refused to use the Internet at all, ever, because that was the only way to be sure to avoid Internet surveillance.  I know other people who use the Internet sparingly, but never in their own homes, just as I know people who post their most personal information on Facebook.

Adults get to decide for ourselves what we are comfortable doing.  We need to make informed choice: we make our own decisions about how we will live our lives.  In a free country, other adults don’t have the right to decide for us.

What gives him the right to decide that posting a link to amazon negates any concerns I  have about privacy?

I answered his ostensible question with a question:

How can you possibly care about privacy if you use the Internet?:

His answer was

If that’s your justification, then you shouldn’t take issue with anything related to privacy.

Why does he think I need to justify myself to him?

Even if I had made some horrific inadvertent privacy gaffe, it would not then deprive me of the right to “take issue with anything related to privacy.”

Poppycock.  Suggesting that is as illogical as saying if I loan someone my car, I can’t complain if they burn my house down.

I often have strong opinions, and I am not hesitant about voicing them.  One valuable thing I learned growing up in a large family is that discussion and argument can inform; I have been known to change my opinion when shown another side or proven wrong.  I have been told some men have trouble with women with opinions.  Over the years, there have been instances of people attacking me online. When this has happened in the past, I’ve tried to resolve things through discussion.  But sometimes that isn’t possible.

bullying

Ironically, not so long ago someone asked me if the person who attacked me just now was an Internet troll, and at the time I said no, we were just having a discussion. Apparently I was wrong.

Sometimes people just don’t like you. Nothing you say will change it. Nothing you do will make you friends.

And of course, sometimes people just attack you because.

There doesn’t have to be a reason.

He might be bullied because he’s too smart, or not smart enough, she might be bullied because she’s too tall or too short. That’s how bullying works.

The ostensible reason for bullying isn’t actually a reason, its an excuse. Rational arguments just bounce off when someone is determined to attack you.

Apparently it is very easy to bully people online. The consequences have been fairly horrific in some cases, but mostly it is comparatively mild — unless of course you are the person being bullied.

The fediverse is largely peopled by tech folks at this point.  Mostly men at present. Thinking back, I’ve probably had one or two of this type of attack a year. I’m wondering how many of the women that used to be regulars there have disappeared precisely because of this type of attack? A growing number of people I speak with on Twitter — mostly women — block the people who harass them, or “protect their tweets.”

If the bullies have a problem with women in general or me in particular, they don’t have to stick around in the places I frequent.  They can leave.

Dear Bullies:

If you don’t like me, send me a message and I’ll make sure to unsubscribe from your feed, and I certainly won’t go so far as to converse with you any more.

Because I am not going to change. I am not going anywhere.  I will continue my online activities, including posting to Fediverse groups I belong to, like Privacy and Listening. If you have a problem with this, go somewhere else.

Feel free to leave the groups I am in.  Start your own groups; I won’t join.

Sincerely,

Laurel

Help Stop Bullying

One of the best ways to stop bullying is to speak against it when you see it.

If you see someone being bullied, stick up for them.

If you don’t, they might not stick around.

And then your world will be that much smaller.


Image Credit:

The American government’s creative works, like the pictured War Propaganda Poster “Quiet” are released directly into the public domain.

Acceptable Ads

Add Block Plus logoI generally use the Firefox Browser when I want to surf the Internet.  Unlike proprietary browsers (like Internet Explorer), Firefox will work with any Operating system, whether Microsoft Windows or any Apple or Linux varieties. Because it’s free software, one of the great things about Firefox is the catalogue of free add-ons available to users.

One of the add-ons I’ve been using longest is called “Ad Block” which does a terrific job, not only of blocking annoying intrusive advertising, but of helping keep my computer secure. If you want it to, Adblock Plus can also:

  • Malware Blocking Block domains that are known to be infected by malware to make browsing the internet more secure.
  • Remove Social Media Buttons Remove social media integration such as the Facebook Like button that track your browsing habits.
  • Disable Tracking There are hundreds of ad companies tracking your every move, but you can easily disable all tracking to browse privately.

Advertising in and of itself isn’t necessarily a bad thing. It can help support the content we want to see. It’s only when it does things we don’t want it to, either by using a lot of bandwidth for flashy video ad animation, compromising our security, invading our privacy or simply annoying us by interrupting the article we want to read that it goes too far.

Which is why Ad Block Plus actually allows some advertising. I’m one of the 75% of AdBlock users who don’t object to reasonable Internet ads. The hope is that advertisers will limit website ads to those that follow these guidelines.

Do you think advertisers will learn users will block their expensive, invasive and dangerous advertising, instead opting to follow Ad Block’s guidelines?

If they don’t, more and more of us will never see their ads.


Free Software Day celebrations in Kitchener, Ontario will be taking place this Saturday at Kwartzlab, on Saturday, September 28th, 2013

Privacy: Facebook Lockout

When I was in another city today, I tried to log in to Facebook with my netbook.

But I couldn’t. Not because I don’t know the password or user name or email address. According to Facebook,

Facebook: Your account is temporarily locked.  We don't recognize the device you are using.  Please answer a few questions to keep your account safe."

Q: How can it not recognize this device? I’ve been using this computer a lot lately. I even logged into Facebook from it earlier today.

A: Facebook isn’t being strictly truthful here, because it isn’t really looking at the device (computer) I’m using. What it is actually doing is looking at the IP address my computer is using to log in. It isn’t my regular IP address.

Even so, I have logged into Facebook from this IP address, within the last month, in fact, but not often.

But what the hey, I wanted to check something, so I clicked “continue.”

But Facebook didn’t actually ask me to answer any security questions. There was a captcha which I answered correctly. But that wasn’t all. I was given two options:

  1. I could log in from my usual device. Well, as I said, I was using my usual device. But my usual IP address was in a different city, so that wasn’t an option at all.
  2. Or I could tag people. Facebook showed me several screens of photos, a few of people I know on Facebook, but most that I didn’t recognize. Some included minor children.

I declined to tag people, because that is something I never do. Well, almost never. I’ll tag someone who is promoting something I support.

When I got back today, Facebook allowed me to log in on this computer, because I am again connected via the usual IP address.

Q: Why does Facebook want us to tag people?

A: Before the Internet, marketing companies used to hire people to be focus groups, and to take surveys. Today they buy information about our socio-economic status, preferences, who we know, and what we do from websites like Facebook.

Our personal information is valuable, and not just to marketing departments who want to sell us things, but insurance companies, who might decide we are high risk, or potential schools or employers.

And we know, too, that this information is made available to government agencies, very often without even a search warrant.

Some people don’t think having the government looking over our shoulders is a problem. After all, we’ve done nothing wrong, we’ve nothing to hide, right?

Well. Thanks to Edward Snowden, we now know just how insidious NSA is. Funny thing, it isn’t just the emergence of Big Brother that is worrisome. Computer error is far more probable, and possibly even more devastating.

When the NSA sucks up everything on the Internet, it is far too much data for human beings to analyze. What happens is that automated processes will use face recognition software to identify bad guys, but instead of mug books, they use photos on the Internet. Photos on Facebook, for instance. And it is doubtful their robots are as clever as my bot friends @X11R5 and @question. Mistakes will be made.

Any science fiction fan can tell you just how insane it is to give machines dominion over human beings. The idea that machines get to decide whose door Homeland Security or GCHQ or CSIS decide to break down is pretty scary.

And if Facebook is going to lock me out because I won’t tag people, so be it. As a self publishing author, I give up lots of personal information online, but it is my choice, and my information. If I tag people I don’t know, or know only peripherally, it is their privacy I’m jeopardizing.

I don’t give out any more personal information than I absolutely have to. If this was really a security thing, my not tagging people should have proven my identity. I think what Facebook really wanted to find out was whether I knew the friends and families of my Facebook friends.

And that is none of Facebook’s business.


Post Script:
I’ve been asked to explain “tagging” for people who don’t use Facebook.

Tagging in Facebook is the act of identifying and naming the people in a photograph posted on Facebook. When tagging, you hover the cursor over a part of the photo, and then type in the name of the person. You used to be able to type any name, but they have changed it so that it has to be a name on a Facebook account. However, you can tag a photo with a wrong name.

When you tag a photo, the person whose name you use receives a notification. Because of this, a lot of people tag photos with the names of the people who they want to see the photo. If you’re an environmentalist, you might tag a photo of the Tar Sands with the name of your environmentalist Facebook friends. Or you might tag a photo of a rock star with the name of your friend who is a big fan. If you mis-identify someone, they know about it, and presumably can complain.

There are so many ways this information can be misinterpreted or abused.

Privacy vs. Telemarketers: Canada’s “Do Not Call List”

Although I still have misgivings, I am about to register my telephone number on Canada’s National Do Not Call List (DNCL).

I know, you are wondering: if this can stop telemarketing calls, what’s not to love?

In order to register on the National Do Not Call List (DNCL) personal information will be collected, used and disclosed by the National DNCL Operator in order to register, verify and de-register residential, wireless, fax or VoIP telephone number(s) on the National DNCL. The numbers registered by consumers on the National DNCL will be disclosed to telemarketers and clients of telemarketers and other subscribers to the National DNCL to prevent telemarketing calls to those numbers. The numbers may also be disclosed, on a confidential basis, by telemarketers and clients of telemarketers and other subscribers to the National DNCL to another person involved in supplying the subscriber with services to enable compliance with the National DNCL Rules.  In addition, personal information will be collected, used and disclosed by the National DNCL Operator, the CRTC and/or its Complaints Investigator Delegate in order to investigate complaints regarding violations of the Unsolicited Telecommunications Rules, to administer and enforce these rules, and for audit and quality assurance purposes. Personal information may also be disclosed to Canadian and/or foreign law enforcement agencies for the purpose of administering or enforcing any law or carrying out a lawful investigation.

The catch 22 is that I must first allow my personal information to be “collected, used and disclosed by the National DNCL Operator in order to register, verify and de-register residential, wireless, fax or VoIP telephone number(s) on the National DNCL.”

If that isn’t bad enough, the National DNCL will then “disclose my registered phone number to telemarketers and clients of telemarketers and other subscribers to the National DNCL to prevent telemarketing calls to those numbers.”

“The numbers may also be disclosed, on a confidential basis, by telemarketers and clients of telemarketers and other subscribers to the National DNCL to another person involved in supplying the subscriber with services to enable compliance with the National DNCL Rules.

In addition, personal information will be collected, used and disclosed by the National DNCL Operator, the CRTC and/or its Complaints Investigator Delegate in order to investigate complaints regarding violations of the Unsolicited Telecommunications Rules, to administer and enforce these rules, and for audit and quality assurance purposes. Personal information may also be disclosed to Canadian and/or foreign law enforcement agencies for the purpose of administering or enforcing any law or carrying out a lawful investigation.”

National Do Not Call List

So the deal is, to stop telemarketers from abusing my privacy, I must first give up my privacy by handing my phone number over to an absurdly long list of faceless people and agencies:

  • National DNCL Operator
  • telemarketers
  • clients of telemarketers
  • other subscribers to the National DNCL
  • another person involved in supplying the subscriber with services
  • the CRTC
  • CRTC Complaints Investigator Delegate
  • Canadian law enforcement agencies
  • Foreign law enforcement agencies
Ontario Privacy Commissioner Ann Cavoukian

Ontario Privacy Commissioner Ann Cavoukian

Canada has been a world leader in the field of Privacy Law, with both federal and provincial privacy commissioners.  Recently I heard Ann Cavoukian talk about how we deserve to have our privacy protected, and that corporations need to implement “Privacy By Design.”

Still, handing over personal data feels like the opposite of personal privacy protection, particularly for someone whose only “loyalty” membership is with my bank that knows how I spend my money.  What is the point of protecting personal information from Facebook and the like if I hand my data over to a government agency that promises to pass it to the very telemarketers I wish to discourage?

Why Now?

Today, I just had a call from a telemarketer who curtly informed me that they “have no list.” When I started to explain the “Do Not Call List” he hung up on me at “Canadian Law.” The alacrity of his hangup suggests the DNCL might actually work. 

So maybe it is time to give the DNCL a shot. If it works, the only disadvantage I can see is that my husband will lose out on the entertainment value he currently derives from telemarketer baiting. When he has time, he makes them work hard, answering questions, providing information, and generally toys with them for as long as possible. The theory is that the best way to make them stop is to cost them money, but the problem is that there are just so many of them — for every company you teach not to call, hundreds or thousands of new ones pop up every day.

experiment

These days it seems as though I’m getting a handful of telemarketer calls every day. Total strangers are calling me up and very often asking for me by name, so they already have some of my personal information. For the past few years I’ve interrupted telemarketer pitches at start with the instruction to “remove me from the list”. I can’t really say whether or not if that helps, because the number of telemarketing calls seems fairly constant, but that’s just an impression; I don’t have any hard data.

Telephone modele U43 MGR Lyon (Cc-by-sa-2.0-fr Rama)To frame this adventure as an experiment, beginning tomorrow, on May 21st, 2013, I will start making a log of all the telemarketing calls we get. A month later, on June 21st, I will register with the DNCL and log the telemarketing calls we get over the following month.

I’ll let you know how it comes out. :)


Image Credits:
Screen Capture from Canada’s National Do Not Call List (DNCL) website

Ontario Privacy Commissioner Ann Cavoukian at the 2013 #GOopendata Conference by laurelrusswurm licensed under a Creative Commons Attribution 3.0 Unported License.

Telephone Photograph by Rama, found on the Wikimedia Commons, released under a Cc-by-sa-2.0-fr License

Know Where The Links Go

The Internet exists to make sharing easy, and very often that is a good thing. But before you share, you should be aware of where you are sending your family and friends. If there are links to click on the thing you are sharing, you should click them first, so you know where they go.

A friend of mine just shared a security video montage showing all kinds of nice things that were accidentally caught on security camera footage.

Does that make you feel all warm and fuzzy inside?

surveilance camera (cc by laurelrusswurm)

Not me.

Me, well, it makes me feel very uncomfortable. A little bit creepy. Knowing that the world is filled with security cameras recording our every move.  Big brother is watching you. (Now would be a very good time to read or re-read George Orwell’s classic novel, Nineteen Eight Four“)

Security cameras are deliberately placed as inconspicuously as possible.  The law requires signs posted telling us they are there, but they are usually pretty inconspicuous too.   The idea, of course, is to catch crooks in the act as they rob the store or paint the graffiti or break the window.  If the crook knows its there, they would very likely put the camera out of commission. And, naturally, security cameras only catch stupid crooks.

But security cameras also show ordinary people going about our ordinary lives.

Before a professional photographer can publish photos of models, or even ordinary people walking down the street they need to get permission from the people they are photographing. The model must sign a release form. Even newspapers get permission from their subjects. Without it they can face legal challenges. Because people are entitled to a reasonable expectation of privacy.

If I rob your store, it’s a different situation. I’ve broken the law, and my reasonable expectation of privacy doesn’t extend to the store’s security video. So the video can be used by law enforcement to identify me and bring me to justice.

But if my boyfriend kisses me on a park bench, what right does some guy with a security video have to put that moment of casual intimacy into a film?

Do you think any of the people in the video gave permission?

Do you know what a video camera looks like? There are many different kinds.

ceiling mounted survellance camera

Are you aware of the cameras pointed at you in so many places? Anonymous cameras we often don’t even see.  Cameras that secretly record us at work or play.  Walking down the street, buying gas, paying a untility bill.

And who is behind these cameras?

Who is recording you as you walk your toddler past the camera?  Who knows? I don’t.

If we don’t know who they are, how can we know what they do with the video? Who is watching the watchers? After the video is made, do they get rid of it if nothing untoward happened? Or is the footage being used in different ways… as the film in this video so clearly was. People had to pore over an awful lot of security video to discover the bits that have been edited together to make this film.

So is it okay if they make a nice “feel good” short film that shows all the nice things unsuspecting people were caught doing on “security video”?

The only credit at the end of the video is for a website called Love Everybody. So I looked there, and although it has a page of videos, this one is not displayed. Very probably because it was made without the permission of the subjects, and maybe even because using the song for the soundtrack is copyright infringement, which would result in a DMCA copyright takedown notice.

Why is this particular video floating around on Facebook?

Well, if you click one of the links, it takes you to the person who posted it, the person who is using this video. This person doesn’t have any problem with using a video made without the permission of the people in it. Or to copyright infringement. Because this person has no qualms at all about getting my friend to send her family and friends on Facebook to his real reason for posting the video. He is earning up to $237 Per Day because he’s getting her to work for him for free.

Every time this video is shared, it sends the unsuspecting to his ads: “FREE VIDEO! Discover How I Earn Up to $237 Per Day from Home Using Just My Facebook Account…”

facebook logoWhenever you share anything on the Internet, even on Facebook, you should consider whether you have been fooled into selling your friends eyeballs.


Update: I decided to check YouTube for “security video” and found the film there. Turns out that this is actually a Coke commercial (although the facebook user who is using it to drive customers into his lair seems to have done away with the advertising logos).

Presumably Coke did in fact shoot this video to make it appear to be security video. If they didn’t, and you happen to be the guy dancing in the aisle but have never signed a release, you can probably sue the company. If you’re Coke you can certainly squash the guy who is using your film to drive business his way on Facebook.

There are, alas, an awful lot of security videos making it to YouTube.

Coca-Cola Security Cameras

Globe & Mail Should Understand Issues Before Editorializing

locked file cabinet key  (cc by laurelrusswurm)Most of us are in a position of having to trust others with our private data.

If we send our kids to college, we expect the institution to protect their private data like SIN numbers and other identifiers, to keep them safe from identity theft. Most of us don’t have the technical expertise to know if this private information is being kept safe. If this information is not maintained securely, and the institution does not fix the problem, we need to know about it.

This is why the Globe and Mail editorial When did it become wrong to punish hackers? is so disturbing.

First, there is misinformation about the Aaron Swartz case, which the editorial writer seems somehow to be using to bolster its position. It doesn’t fit with the article content, but it was certainly sensational.

Fact: Aaron Swartz did not steal anything. He was legally entitled to access, download and copy the documents. It wasn’t even copyright infringement. His only actual legal transgressions were his breach of JSTOR’s terms of service (the agreements we all click “I agree” to without reading) by downloading in bulk and using an unlocked MIT closet. This excesssive prosecutorial overkill is why people like Creative Commons founder Lawrence Lessig characterized the charges and prosecution of Aaron as prosecutorial bullying.

Funny, they could have used Canada’s own Byronn Sonne case, which was also famously misunderstood. Not so long ago Canadian Byron Sonne lost a couple of years of his life to a similar combination of prosecutorial overkill and technical ignorance. He was truly fortunate to have his trial before a judge capable of learning enough about the technology to understand the issues. I would have hoped that the Globe might have learned a little something from that.

More information (actual facts, even) can be found about the incident in the earlier GEEKOsystem article about the expulsion of student Ahmed Al-Khabaz Canadian College Student Points Out Major Security Flaw, Obviously Gets Expelled for Doing So

What it boils down to in this instance, is that, when the students pointed out the security hole to Dawson College, it was the school’s job to fix it. Telling students not to do that anymore might stop them, but does not fix the problem.

Years ago a friend of mine noticed an inadvertently open vault door after the mall’s bank branch was closed for the night. She was a little concerned (her money was in that branch) so she notified the bank the next day. Should she have been charged for pointing out the problem? The bank thanked her and fixed the problem. The Dawson College response outlined here would be the equivalent of telling my friend to pretend she didn’t see the open vault rather than fixing the problem.

I’m totally lost as to where copyright comes into this at all. And the only privacy issue appears to be the Dawson College failure to fix the security hole pointed out by the students. This is an institutional failure to secure the private data on its system ~ entrusted to Dawson College ~ and thus a failure to protect the privacy of the students.

The Globe would do well to ensure its editorial writers understand the issues they write about.

Online Accessibility

When we talk about accessibility issues, it usually means accessibility for people with disabilities. The internet has tools like speech readers, that can make it accessible for the blind.  Subtitles or closed captioning can make online video accessible for the deaf.   I learned early in my blogging career that typing a description in the alt=”” field,  allows speech readers to tell visually impaired users what images I use.  It’s a little more work, but it’s worth it if I can make my contect accessible.

But there are other accessibility issues that have nothing to do with disability.

standards

Internet standards are still evolving, but the internet works, because at its heart, every web page uses a programming language called HTML.  Just as every email we receive should be readable, every website we visit should work, no matter what browser we are using, because the data is in HTML.

making html inaccessible

I just went to check out a website called C.A.C.P./A.C.C.P. Official website. Although I am using this particular site as an example, this is certainly not the first time I have been annoyed by a website that wants me to remake my computer to accommodate it.

I’m pleased to see this official Canadian Website is bilingual. But this is what I see:

Screen Capture of the CACP Intro Page with No-Script blocked video

security

A blue letter S with eyes and teeth of a snake is confined in the red circle with a diagonal line through that has come to symbolize the word “No”The large yellow square in the middle of the webpage indicates this is something NoScript has blocked. NoScript is a browser plug-in that prevents Javascript and Flash from running unless I grant it permission. Javascript allows files to execute, or run, on your computer. That’s one way people get viruses and spyware. NoScript blocks such “active” content, but if I choose to trust the source, I can decide to allow it with a mouse click.  The other thing I tend to avoid is Flash for a couple of reasons.

cost

Flash video consumes a fair bit of bandwidth; so if your internet use is capped, as many are these days, NoScript allows you to decide whether to display the flash ads or video on your computer.

freedom

For me the more compelling reason is that Flash is proprietary software, and as a free culture advocate I prefer my web content in free or open formats.

my choice

If I do want to see this video, I can choose to click on the letter f in the centre of the page and grant it permission. But this is my first time here. Why would I do that? I don’t know this site, or who runs it personally.  Is it really run by CACP?  Why should I trust it? Do I have a compelling reason to gamble my computer security?

Not hardly.

Then I look at the text displayed under the blocked video.

Our site is best viewed with Mozilla Firefox or Internet Explorer 7.0. To view and use this page and aspects on other pages Macromedia Flash Player is required.
To download this plugin visit www.macromedia.com.
© 2008 CACP/Ribbet Inc. If you have difficulty with the website contact the Webmaster

I should not have to use a particular browser to see a web page display properly.

Or worse, download specialty software to use it.

Instead of telling me that I have to use a particular browser, if the web designer was doing her job, the page should display properly on any browser.

If it’s a mess, I’m certainly not going to switch browsers to something one website tells me I must have.  If I had to do that for every website I visited, I might not have room for my own files on my computer.   Besides, I prefer to learn from those who know what they are doing, and try to avoid taking direction from those who don’t.

And of course, Macromedia Flash Player is proprietary software owned by www.macromedia.com, so that is hardly in keeping with my free software leanings.  The webmaster might have chosen an open format like OGG Theora or the new HTML5 instead.  But even if they choose to make their video available in such a closed format, if they want to make the site accessible, the web page shouldn’t be  broken, as this page is.

To make it work, at minimum there needs to be text providing a synopsis of what is in the video.  The best case scenario would also include the full text of the script along with any necessary written description of the visual content.

If they want to make it accessible, that is.

If they don’t want to make it accessible, if the sense of entitlement is such they believe they have the  right to dictate such things to vistors,  they can tell us that we must conform to their demands if we want to see the content.  Their way or the highway.

Of course, this is a little nicer than some, because there is a small “skip this intro” link in the top left corner of the screen.  This way I can skip over the content they can’t be bothered to make accessible.

Personally, I’d rather just skip it.