A hot day but a storm is coming

Today reached a high of 34°C in Dunedin and even now at 10:30pm it is still 26°. But that’s due to change in about an hour when a deep low left over from tropical cyclone Fehi hits with lots of rain and a southerly change. We are not likely to see much of it, but there is also a lunar eclipse tonight.

Personal blogging and online privacy

Continuing from my post yesterday about the IndieWeb, rel=me and anti-patterns, I’ve also been considering adding h-card information to my sidebar. Many blogs do this in effect by having an author photo and bio either in the sidebar or associated with each post. The h-card formats this into something that computers can interpret as well as humans.

My next question then becomes, “What information and how much detail should I put into such an h-card?” Which then brings up the issue of how safe is it to include personally identifying information on my website where anyone can see it?

The concern is that oversharing could leave me open to identity theft, which is an increasing problem worldwide. While this is an international problem, I am going to look at it from a New Zealand viewpoint.

Identity theft

The fear I have is that some personal information in the hands of criminals can enable identity theft. This is where someone uses another person’s personal information in order to access money or services under their name. My gut reaction to this idea is that you would be a mug to want to be me! I don’t exactly have a dream life or loads of money so it’s not worth the trouble. Apparently this is a common reaction and leads many people to have a false sense of security that makes it even easier to steal from them.

How common is identity theft?

As many as 133,000 New Zealanders may be victims of identity theft annually. (NZ Department of Internal Affairs). An interesting comment I found on the Equifax site is that:

identity fraud victims typically know the person who uses, or tries to use, their identity.

The cost of this crime to New Zealanders may be as much as NZ$200,000,000 every year. Globally many millions of people are affected, with billions of usernames and passwords stolen in 2016.

What is personal information?

What is considered to be personally identifying information varies, but a consensus would be:

  • Full name
  • Date of birth
  • Place of birth
  • Current address
  • Previous residential addresses
  • Phone number(s)
  • IRD number
  • Credit card information (card number, expiry date, verification code)
  • Banking login information such as PIN or security codes
  • Email address (and password)
  • Driver’s licence number
  • Passport number
  • Birth certificate
  • Current location
  • Place of employment or study
  • Interests, activities and connections (movies you watch, where you went for a run this morning and who you are friends with or work alongside).

It can be deceptively easy to leave snippets of valuable information all over the internet (and real world) which if collected together could enable someone to steal your identity. This digital footprint includes browsing history, device usage patterns, interests, perceived loyalty to a service, marriage status, preferences and income level (see this article by Netsafe). Most commonly such information is used to target advertising, but could also be used to manipulate people into divulging other, more valuable, information.

Are bloggers at more risk?

So far I’ve not found any indication that bloggers are at any more risk than other groups of people. In fact the high risk groups tend to be teenagers (who think nothing will happen to them) and older people (who can be more trusting). While bloggers may share more of their lives online, they do make conscious choices of what to share so may be less likely to accidentally share sensitive information than someone who doesn’t understand their social media privacy settings.

What I discovered in researching this post is that identity theft can affect anyone and often it is information that is inadvertently made public, stolen or leaked by hackers that enables criminals to steal an identity. There is a massive black marked on the dark web for this sort of information and even ‘kits’ which enable miscreants to lure people into divulging the information the scammers want (phishing). The best protections seem to be using long, unique passwords for every site or account, guarding email carefully and being suspicious of anything that tries to wheedle login details out of you.

Be careful out there.

Sources of reliable information

Avoiding anti-patterns

At its heart the IndieWeb is a bunch of people taking back ownership and control of their web content from companies such as Facebook, Twitter, Medium and Google. Some of these folks are programmers who are making the task a bit easier for the rest of us, to the point that it is now easier to adopt this approach than it was a few years ago.

I am not a coder, so my focus is on keeping control of my web content and making it accessible. Part of this task involves avoiding practises which work against the principles of owning my own data, making information visible to people in priority to machines, ensuring a good user experience, documenting what I am doing, and building a site which will last for the long term. The term used to describe the things which impede the IndieWeb is ‘anti-patterns‘.

Antipatterns

Antipatterns are antithetical to a diverse and growing indieweb, often times the opposite, or at best a distraction from indieweb principles and building-blocks, yet persistently repeated despite their tendency to waste time and cause failures. (IndieWeb Wiki – Antipatterns)

Databases

For any content you care about it, don’t put the primary copy in a database. Databases are all a pain to maintain, and more fragile than the file system.  (IndieWeb Wiki – Antipatterns)

As a generalisation I would agree with this, but databases exist because they make accessing information much easier than digging through a folder full of files. One of my longer term goals is to transition my site to being a static site using a platform such as Jekyll but the learning curve is fairly steep for that and my current goal is to establish a good writing habit so WordPress suits me as I know it well. What I am doing is exporting my WordPress content as Markdown files so they can easily be integrated into other systems if necessary, and these are still readable outside of the database.

Invisible metadata

Invisible metadata is the general antipattern of storing information that is user-relevant in places users won’t see (i.e. users aren’t expected to “View Source” on every page).   (IndieWeb Wiki – Antipatterns)

This is what started me thinking about these anti-patterns, I want to include rel=me tags for links to my Facebook, Twitter and micro.blog accounts as a way to verify that I’m the same person writing on all of them. What I was going to do is include these in the <head> section of each page but that violates the principle of making metadata visible to humans so I’m having to reconsider my approach to this. Overall I agree with making information visible to people, this also seems to be something Google takes into account with it’s search engine assessments of what a web page is about. For years the SEO world has been stuffing keywords into meta tags in attempts to game the search rankings when what really matters is the content that users can see and interact with.

Silos

A silo, or web content hosting silo, in the context of the IndieWeb, is a centralized web site typically owned by a for-profit corporation that stakes some claim to content contributed to it and restricts access in some way. (IndieWeb Wiki – Silo)

I am actively avoiding the use of silos such as Facebook, Twitter and LinkedIn. I do currently have some stuff located primarily in these sites but am in the process of manual transferring it to this blog. Most of what is in Twitter I don’t care about, I’m working on transferring my Facebook status updates now (this will take a while), and have recently decided to host my CV/resume on my own site in preference to LinkedIn due to the use of devious techniques by LinkedIn to gain access to email address books and generally be creepy. There are some things such as ‘likes’, retweets and reposts that I don’t value enough to clutter my own site with.

Distracting gifs

Prompted by this annoying little gem

I know that many people love to use animated gifs in blog posts and web articles, but I find them extremely distracting. The ones that bother me are those which keep looping endlessly while I’m attempting to read a web page. The movement grabs my attention away from what I’m trying to read and frankly the image cheapens what is otherwise a good article. Just my opinion, and I do have ways around it.

My iPhone use

Over the last four months I have been consistently using the Moment app every day to track my phone use and what apps I have been using. The idea is to use this information as leverage to cut down on how much we use our phones, but I have simply been recording the data and not paying much attention to it until now.

The app has to be constantly running in the background in order to record every time the screen is unlocked, recording each unlock as a pickup and every second the screen is active. This is the most automatic aspect of the app. Because of Apple’s sandboxing in iOS the app cannot eavesdrop on how long you use apps directly. Instead it asks you to take a battery use screenshot every week (or daily if you want more accuracy), which is then sent to Moment’s server an parsed to determine how long each app was active. The app designer (Kevin Holesh) acknowledges that this is an imperfect solution, but it is the best currently available on iPhones.

A hiccup I encountered is that sometimes the app records all the time I have been asleep as me using the phone. The FAQ explains that this is caused by using Sleep Cycle which can keep the phone unlocked while asleep. Usually I turn the screen off once I activate Sleep Cycle but obviously forget sometimes. This causes inaccuracies in the total screen time so I exported the data and the anomalies were easy to spot and correct (how often do you use your phone for 550 minutes in one sitting?).

My Screen Time

Average screen time: 1 hr 38 min per day (max 202 minutes; min 7 minutes)

Average pickups: 20 per day (max 49; min 5)

App Use

These are average values for my most frequently used apps.

Safari 19 min per day
Toy blast 13 min per day
Micro.blog 10 min per day
Facebook 10 min per day
Mail 6 min per day
Home & lock screen 3 min per day
App store 2 min per day
WordPress 2 min per day
Settings 1 min per day
Waterlogged 1 min per day
Last Pass 1 min per day
Sleep cycle 1 min per day
iMood Journal 1 min per day
Weather 1 min per day

Conclusions

Overall I would like to reduce my phone use to less than an hour per day, which is probably an attainable goal if I refrain from using my phone as a ‘boredom buster’. I have deleted the offending game (Toy Blast) and also the Facebook app. I’m mildly surprised that Facebook got as much screen time as it did because most days I only use it for 2 or 3 minutes. However there were some days when I sat watching stupid videos with the kids and that clocked up over an hour a day then. It remains to be seen whether Micro.blog continues to enjoy as much of my attention as it has recently, the novelty may wear off.

Another interesting consideration is whether I’m even justified in having an iPhone. There are apps that I always use every day but these are generally for logging details of my life which I’ve decided to keep track of for various reasons. This sort of thing could just as easily go in the notebook which is always in my back pocket. I could buy a lot of notebooks for the $20 a month I currently pay for my phone plan. My counter argument for this is that I often use my phone to check my blog and email due to computers being a scarce resource in our home. I would prefer to use a laptop to read blog articles or reply to comments or email but often the kids are using our only functional laptop.

The flow of our habits

The flow of water carves rock, a little bit at a time. And our personhood is carved, too, by the flow of our habits.

This quote comes from an essay by Jonathan Safran Foer in the New York Times titled: How Not to Be Alone (published 8 June 2013). The essay is about technology eroding human connection, but this one sentence is what I want to focus on.

The nature of habits is that they are shortcuts around the hard work of thinking consciously about every little thing we do, how we act, the expressions we use, how we speak, even how we think (see Unhelpful Thinking Styles). In many ways we are, to other people at least, the sum of our habits.

Initially, to form a habit we shape our behaviour, consciously choosing certain actions and thoughts over others. With sufficient repetition a habit forms, a preference is established of resorting to the habit rather than the hard work of something that is new or different to us. Each habit we have causes slight changes to our brain, reinforcing the neurological pathways which cause the habit to occur and reducing the threshold to trigger the habit so it runs efficiently given the appropriate circumstances.

The sum of hundreds of habits we all perform every single day wears a groove in the matrix of society. Multiply this by hundreds of thousands of people each running in their habitual groove and social norms arise, trends occur such as the generally bad attitudes of Dunedin drivers, the laid-back nature of most Polynesians, the brashness of Americans.

Because our habits wear a groove through our lives, they are very difficult to change. Obstructions can be ground down by the persistence of following a habitual track which requires less energy than altering course. This is most obvious in older people who have deeply ingrained habits that they are not even aware of. But it is not impossible to change habits, it does take great persistence and determination to make any changes stick

My typical approach is to go through each day without giving much thought to my habits. But if I consider the effect my habits could be having on the person I will be in ten years time, I need to decide what aspects of me now I want to nurture and what needs to be deleted. Then I need to look at which habits cause the attribute I don’t like and how I could change my habits to support better attributes. (There is a good bit of unfinished thinking here!)