Regain security
Regain email privacy & security

Part #3 of the Data Liberation series

Is there ever time in the day to reconsider your online security? I mean, really consider it?

Take the most common access point for communication in the 21st century – email. Yes, you read that right. It’s still email. Email is the root of online authentication for people worldwide, not only allowing them a “safe place” to recover lost account credentials, but also facilitating properly secured communications with the use of PGP signed and encrypted email. But is your email storage secure?

The woes of web mail

The “problem” with email is that its ubiquity spawned, some years ago, the explosion of “free” web mail services. All the big players provide it. These services are advertising-supported. In other words, the cost of providing such services are met by revenue generated from scanning your email and providing “relevant” adverts within your browser to click on. Each click is tracked and the advertiser billed accordingly.

An issue here, then, is that your email is scanned. All your emails are read by an indexing process which scours every single nugget of information. What information could that include? How could it be used? How about this little list for starters:

  • the date & time
  • the sender’s name and email address
  • their computer’s name
  • their network (i.e. their email provider, their ISP, any intervening mail routers)
  • their probable native language
  • their approximate location when sending the message (obtained from their original IP address)
  • your approximate location when reading the email (based on your IP address)
  • yours and their exact locations if using any location service

That’s not all

If the sender is using the same “free” web-mail service as you:

  • if they use a calendar in that service, what they were doing when they emailed you (giving an insight into the sender’s thought processes…)
  • if they maintain a contact list / address book in that web-mail service, that service may “know” you are a friend or family member of the sender
  • in this case, it will also know their friends – and your friends – and any shared friends too.  It can start to build up a map of contacts – who knows who and possibly why.
  • Knowing “who knows who” means those related contacts’ web-mail services can be interrogated for commonalities, such as shared events (in a calendar), shared interests via a social network, and so on.

Web cam

There are yet more ways your data can be exposed. If they are not using the same “free” web-mail service, but are using another service which they log into using their web mail service’s credentials:

  • that web-mail service provider could poll the other services to see what data you are sending (e.g. what you are posting) to those services
  • it can map any correspondence to or from your contact via its services even when not in relation to your email – e.g. It can expose a contact’s movements, their communications and interests in a given time-frame.
  • they can even be exposed by their use of related services from that provider. For example, new photos into a flickr or instagram account which is public, can be mapped back from their date, time and location to the IP address that was used to query location services.

Finally, a crucial problem with all online services is that there is no guarantee your data is actually deleted when you choose to delete it.  After hitting “delete” through a web site, this could simply flag the email to be removed from your visible account and stored in MegaWebCorp’s vault of “deleted” email, remaining there forever.  Or until needed…

This is the risk of putting data into another provider’s hands – what gets uploaded or stored in your name, stays there in your name, forever. What goes up, sometimes stays up.

Resolving the privacy crisis

Coming back to email, then, the first priority for someone who wants to maintain some privacy with respect to their life activity needs first to remove the source of indexing from MegaWebCorp’s database – the link between all things you do, your email address.

When the email address is removed from the purview of MegaWebCorp’s systems, your online activity can start to become your business – not the advertiser’s.

Getting your own address is simple.  You can register a domain name with any of numerous providers around the world and sign up for a low-cost hosting plan.  For any person who values their privacy and the sanctity of anonymity, this is a small hurdle to overcome.

For the gain in privacy you can achieve by hosting your own web site, the price attached to a “free” web-mail account may seem rather high.

Bootnote

ArsTechnica has an interesting article published yesterday (30 March 2014) on “metadata as surveillance” .

 

“Fun” with Windows 7

So.. been having lots of fun with Windows 7 this morning.  Got hold of a refurb PC for doing some client system testing.

Win7 install completes and there are 3 updates to do.  Start the update process and two modal windows open up behind the update window, waiting for me to do something.  Have to click on task bar’s flashing icon to bring windows to the front.  On Windows.  Windows.

Anyway, I give the “OK” for Microsoft Security Essentials to install and it does, then starts to run an update within itself (!).  Due (perhaps) to the length of time of this process on this ageing P4, the main MS software updater kicks out another window saying “The application Microsoft Essentials may not have installed correctly.”

I’m sorry.  “May“??

Choices are “That’s ok, it installed correctly” or “Reinstall this application”.  Except the application is installed and already running an update.  Err…?  So.. how do I know it has installed correctly?  Because it’s running…(?!) (Does the computer not know??!)

With 20 minutes of Windows use this morning, I can’t believe just how bad things are on the other side of the fence.  Someone fresh to Windows will see all this flashing icons, hidden windows, alerts, worries…  and not have the first clue what to do.

Someone close to me was one of those unfortunate souls.  She’d persisted for about a year with her Win7 machine and was constantly anxious with its scaremongering.  Hardly a productive environment.

Luckily, she’s now running #debian #wheezy with the #gnomeshell and immediately found it intuitive and straightforward.  Go #freesoftware !!

INTRODUCTION

Enough was enough. I rocked and rolled along with one mainstream distribution after another, since I started using GNU/Linux in 2000. It was time for something else. Something that wasn’t trying to be everything.

Even I was slightly surprised then that, knowing so little about it, I chose Slackware Linux as my next distribution.

Here are some rough-and-ready notes from my installation, in case they’re of help to anyone else.

INSTALLATION

To install on an encrypted drive, I followed Juan Valencia’s blog:

http://www.jveweb.net/en/archives/2010/10/installing-slackware-in-an-encrypted-lvm.html

Apart from the natural modifications expected, i.e. kernel versions, the instructions were completely sound and the installation proceeded without issue.

INITRD KEYMAP

One LILO was installed, and the system rebooted, I had two issues:

  1. The USB devices attached to my ThinkPad’s docking station weren’t activating at boot time
  2. The keymap of the initial ram disk was set to US, so to decrypt my drive I had to observe the alternative placement of certain characters… 😉

To resolve these issues, I found the “IT Debris” blog (amusingly sub-titled: “Nothing lasts, nothing is finished, nothing is perfect”):

http://blog.beulink.org/slackware-initrd-luks-usb-keyboard/

To the command line (mkinitrd -c -k 3.2.7 -f ext4 -r /dev/vgl01/lvroot -m usb-storage:ehci-hcd:usbhid:jbd2:mbcache:ext4 -C /dev/sda2 -L -u -o /boot/initrd.gz) I added the flag “-l uk”, which loaded the UK keymap by default into the initial ramdisk.

Not forgetting to run lilo afterwards!

LILO’S KEYMAP

LILO’s keymap was also set to US. I decided to take a look at this. While the documentation is pretty comprehensive, the instructions for this particular issue were met with a slight problem – the file locations and names had changed in the 13 years since the documentation was written.

keytab-lilo is the recommended tool for updating LILO’s keyboard mapping.

keytab-lilo expects a US map and the other map (in your language, that you want to use) in order to create a mapping between them.

According to the docs, as referenced in /usr/share/doc/LILO…/doc/README’s web link, keytab-lilo expected keyboard mappigns in /usr/lib/kbd. This directoty doesn’t exist, so I did this:

mkdir usr/lib/kbd mkdir /usr/lib/kbd/keytables

loadkeys uk

cd usr/lib/kbd/keytables

cp /usr/share/kbd/keymaps/i386/qwerty/uk.map.gz . cp /usr/share/kbd/keymaps/i386/qwerty/us.map.gz . gunzip uk.map.gz gunzip us.map.gz

mv us.map us.kmap mv uk.map uk.kmap

keytab-lilo uk > /boot/uk.ktl

.. FINALLY, edit /etc/lilo.conf in your favourite editor:

emacs -nw /etc/lilo.conf

boot = /dev/sda keytable = /boot/uk.ktl

NOTE: the remapping doesn’t seem perfect. The hash (“pound” in en_US) symbol (#) is mapped to two keys and the UK pound (£) symbol is not mapped to number 3 at all, but in the main this is a usable UK mapping for me.

AND.. THE SYSTEM KEYMAP!

Edit /etc/profile.d/lang.sh, adjusting from en_US to en_GB

POST-INSTALL STUFF

After this, there were a couple of issues which I wanted to resolve. When using Ubuntu, I recall there was an issue with using a ThinkPad T420 (my machine) and possibly other ThinkPads with audio output via the docking station‘s analogue port. The issue was also addressed in a Ubuntu forum post.

I created /etc/modprobe.d/t420.conf and added the following:

options snd-hda-intel model=thinkpad

options iwlcore led_mode=1

.. then rebooted. Perfect – audio came up as expected. The flashing LED still appears to be flashing, though, so this requires further investigation.

INSTALL GOOGLE CHROME

http://web.archive.org/web/20150815075708/http://infinityperl.org/post/2009/12/09/How-to-install-Google-Chrome-on-Slackware-13.html

(+ hangouts plugin): http://slackblogs.blogspot.co.uk/2010/08/videovoice-chat-works-in-slackware.html

TERMINAL – modifying the prompt

A long trip arouind the documentation and understanding how bash is invoked made me realise that the easiest thing to do is go into XFCE’s Terminal preferences, and tick the box that says “Run Command as login shell”. Then I get my nice prompt with my login, hostname and path instead of just “sh-4.20$”.

PSEUDO SUMMARY

These are my first steps at installing and configuring Slackware Linux. So far, so good. And not a single crash, which is what I expect from a sensible GNU/Linux distribution.

When making my morning brew, I started pondering how to make it more interesting.  Sure, you can add flavour (and waistline) “enhancements” like cream, sugar, maybe some vanilla…  But such unimaginativeness doesn’t last long.

Image courtesy of oddee.com. You can
also buy coffee from the dark side.

What’s needed is a whole new coffee experience. 

Scouring the web for new things to do often turns up very interesting results.  For instance, there’s a whole web site dedicated to Putting Weird Things in Coffee.   Some of those weird things include cheese, meat (!) and even black pudding.  The fascination with meat is prevalent elsewhere, too. Hmm.

But you don’t need to go so far to enhance the flavour of coffee.  One simple food-enhacing staple – salt – has also been used extensively and blogged about for some time.  Clearly, it might be worth trying.

Spices, of course, have provided that added “something” to a good coffee for many years. Adding spice instead of sugar is also a neat dietary trick for those careful watching calorie consumption.

Taking it up a level

What you put into coffee is only half of the story though.  How much caffeine you ingest daily is another thing.  Curiously, at the time of writing, 66 people “Like” this Facebook page entitled “Extreme Coffee Drinking“, which has no content and not even a picture.  As one quote says, “Coffee: do stupid things more quickly and with more energy“.

Extreme coffee drinking seems to be a sport amongst some.  It’s not merely a question of having multiple cups per day.  Whether the evidence is conclusive that lots of coffee each day can kill you, is certainly still to be debated.

Things can get a bit extreme, though. Death Wish Coffee, as reported here, promotes extreme levels of caffeine as its USP.  A step too far?  Maybe.  But, it can hardly be contested that we love coffee, and our interest in all things joe-related, together with its growth in the West, continues unabated.  Coffee is recognised as a personal experience, so the growth of single cup products may indicate that social coffee drinking is diminishing in favour of a more insular, smart-phone focused experience.

Taking it too far?

While at university, I recall many a lovely coffee in what is now claimed to be the world’s oldest internet cafe – CB1 (Google Maps link).  I’m not sure about the validity of this claim, but there’s no disputing the charm of a good coffee shop.

But these days, though it’s not all academia, with bustling coffee shops populated by artisans, guarded closely by the intelligentsia. Caffeine addiction and dependency/withdrawal symptoms are a real problem for some people.  Luckily, the web has many suggestions to combat this.  I suppose one could make a visit to an internet cafe and research this on his or her own…

Perhaps indulging in a caffeine kick is not the best long term policy, but it certainly starts the day well.


If you have a curious bent – and you bought a Chromebook thinking it would be the answer to all problems, then chances are you probably gave up on that notion fairly quickly and installed a variant of GNU/Linux on it.

If so, well done. Thankfully, Daniel Berrange – a Red Hat fellow and Fedora users, posted some instructions on how to get Fedora 18 (Spherical Cow) installed on a Samsung series 3 (XE303C12) Chromebook. This is the route I decided to take, having been a Fedora user for many years. But I digress.

If you have GNU/Linux installed on a Series 3 Chromebook, you may want to remap those Google-inspired function keys that run across the top. You know, those keys with the arrows, reload, window-size/position, brightness and volume icons… Yeah. Actually, they’re function keys: F1 to F10.

A good read for how to identify what each key is can be found here, on this askubuntu post which details the xev command. xev displays the numeric keycode of the keyboard key (!) you just pressed.

Keys F1-F10 use the following keycodes:

KeyKeycodeEquivalent
Back67F1
Forward68F2
Reload69F3
Resize70F4
Stacking71F5
Bright down72F6
Bright up73F7
Mute74F8
Sound down75F9
Sound up76F10
Using xev, you can remap the function keys to something more appropriate to your environment.

To remap these keys, we now need to identify what extended functionality the XF86 multimedia keyset provides.

A reference table is available is available on linux questions.

Quite simply, I am very happy to be back in Emacs-land.

There I was, thinking that the web-based task managers, to-do lists, etc
were “all that”. Well, ok, I do feel that some are pretty good, as you can tell from
my tag cloud on this blog. But nothing ever felt like it was native to
me, this keyboard and this computer.

I wanted to put tasks on a computer to Screenshot - 100413 - 10:55:20make them easier to manage.  Putting them on a web site didn’t do that, and I don’t think it ever
really will for me. So I’m back in the saddle with orgmode and boy, am I loving this again. It’s amazing how the keystrokes just come back to
you.

Here’s my list of software in Emacs (at  present):

  • mu4e, for E-mail
  • orgmode, for task/calendar management
    mobileorg, for portability
  • weblogger, for blogging (duh)

For coding, I’m also using:

.. plus some other fontification and syntax colouring plugins.

Truly forgot what a joy it is to use this environment, although it does
take a little work setting up.

A simple one, this. Firstly, get to where rhythmbox stores its data:

# cd ~/.local/share/rhythmbox

Then, do this:

# grep podcast-feed rhythmdb.xml -A 5 | grep location | sed -e 's/<location>//' | sed -e 's/<\/location>//'

You should end up with a list of URLs which your podcast feeds are served from.

.. and why you should consider it, or, “…and how to be more efficient”.

I’m an avid tasker and a fan of the GTD methodology, but when I use tools that have lots (and lots!) of features I tend to slip up easily and do silly things.  An example is adding a repeating task to my task list.  A repeating task? Why is this an issue?


Google Tasks: Simple.
Too simple, for some.

I simplify this slightly, but in David Allen’s approach to task management, anything that is time-related should be put into a calendar.  Therefore, if I am allowed to set up a repeating task, this means I need to do something with a certain regularity, which further implies I must actually do it at some point in order for it to warrant the repetition which I have ascribed to it.

In ToodleDo and other “expert” task managers, the ability to manage tasks has advanced to the point where you can essentially control your calendar through your task manager.  This approach really suits some people but, to me, this essentially is the tasks-first, time-second approach.  It is truly a GTD-esque system and I have had a love/dislike affair with it for several years.  I have never “hated” ToodleDo – it’s a great system, but isn’t as integral with my working environment as I would like.

Why move?

To me, tasks should be lean and mean.  I don’t really want to spend my time managing them – I want to be doing them.  And various factors always weigh in that can be managed outside of my task list.  I become less efficient if I start duplicating events into tasks.Part of me loathes the traditional “Weekly Review” of the GTD system.  I have a daily review and the most important things are always the ones that get done – it’s a self-managing approach which I’m happy with and doesn’t require over-thinking.  Removing the opportunity to over-manage tasks is A Good ThingTM in my book.  All I want to do is store my tasks somewhere and interact with them quickly.  Using Tasks in Google will accomplish this.

Yes, but what about contexts, projects (folders), statuses & goals?!

GTDers rejoice! Toodle-
Do lets you live the dream!
In defiance of pure GTD-ism, here are my views on these three aspects:
  • Context
    In GTD, the context of a task is, broadly, how, when or where you might do it. What I kept finding about my contexts, as I was setting them, were that they kept resembling more basic primary situations.  For example, I started with “shopping”, “online”, “errands”, “home”, “phone” and “work”.  Except, when I started looking more closely, these contexts could be whittled down – and needed to be, in order not to conflict with my Projects/Folders.”Errands” and “shopping”.. well, I would generally be out and about for both of these, so why not make them simply “out-and-about”?  This would mitigate the risk of not running an errand while out shopping.  Phone calls would typically be work-related, but not always – so I would either make them during work or in personal time.  Realising this, I started to see that all of my activities would be split, broadly, between work and personal time.  Therefore, if I was working, I would want to make work phone calls.  At home, I would want to catch up with my friends online.With always-connected capability (phone, internet, 3G, etc) my contexts eventually became two things: work or personal.  That’s it.  With a Google Apps for Business account (work) and a personal GMail account (personal), I can separate my work and personal tasks completely.
  • Projects/Folders
    My Folders (“Projects” in GTD parlance) in ToodleDo would typically resemble the types of task I needed to manage.  You could argue that this is the wrong way to manage tasks, and instead use Tags for this purpose.  While true, Tags are amorphous while Folders are structured and, in ToodleDo, Folders resemble the only way to aggregate tasks into suitably-managed “blocks”.My Folders are things like “cases” (support), “customer/project”, “finance”, “phonecalls” and “systems”.  These are unlikely to change as they closely match my general daily activities.  Google’s Tasks can accommodate this with top-level lists.  Within each list, I can have a task (with indented sub-tasks) which allows enough manageability without overcrowding my senses with due-dates, contexts and estimated duration.
  • Status
    This is a real easy one and probably the one thing I disagree with GTD about.  The overall status of my tasks is logical: either incomplete, or complete.  If I am waiting on somebody, I will already know this.  If I am doing my task, I will probably know this too!But what about if I wish to do my task “someday“?  Well, shocking as it may sound, but that’s how I view all my tasks.  They are things to be done, sooner rather than later, but someday is the best I can plan for.  And this is what it’s all about: planning effectively.  Therefore, to have a status of “planning” seems idiotic: unless I’m actually doing a thing, I’ll probably planning to do a thing!This is the key:  the status of a task in GTD could be mistaken for the status of a person – you.  If my status changes, that might mean my ability to do that task is deferred.  That doesn’t mean I won’t do it, or that the task somehow becomes like me and is also unable to do anything until another time (such as when I am well, or back from a holiday, etc).
  • Goals
    …. I include here as a passing reference.  One aspect of goal-setting is the ability in ToodleDo to track progress on tasks relative to goals set.  In this regard, Google’s Tasks is clearly inferior.  But managing goals can exist outside the context of a task management application and, I argue, it should.  If goals are important, one’s whole life should be managed into achieving them.

They said it couldn’t be done.

Well, actually, they didn’t really say that.  I did.  But it’s true – it couldn’t be done, easily, until now.

Here’s what you need:

  • A ToodleDo account (www.toodledo.com)
  • An Astrid account (www.astrid.com)
  • A GMail or Google Apps for Business account (www.gmail.com)
  • A smartphone capable of running Astrid’s mobile app, installed from your device’s play/app store.*

* I have only used this on Android 4.1 and have set up both of my Google accounts as sync accounts on my phone.  As always, your mileage may vary.

Here is the order of my approach – no warranties offered, it just worked for me:
  • Install the Astrid app on your smartphone.
  1. In the app, navigate to Settings (see pic to the right)
  2. Select Sync & backup
  3. Click on Synchronize now
  4. Authorize the log-in using your destination Google account
  • Create or Log-in to your astrid account using your desktop web browser, as astrid.com
  • Still in the Astrid app on your phone, go back to the Sync & backup settings and select Astrid.comensure that you can log in using your astrid.com account credentials.
  • Run a sync on the phone (menu > Sync Now) – this will sync your two task lists (Astrid and Google).
  • Now, log in to ToodleDo in your desktop browser and navigate to Tools > Import / Export / Backup and select CSV Import / Export.  Choose to Export all incomplete tasks.    You can also export all completed tasks if you want, but there’s no point syncing them (IMHO).
  • Back at Astrid.com in your desktop browser, click on your “name menu” at the top-right of the page, then Import Tasks. (see above-right screenshot)
  • In the next page, use the drop-down to select ToodleDo.
  • Import your CSV backup of incomplete tasks from ToodleDo – this may take a couple of minutes.  Be patient!  NOTE: I saw a javascript error/alert when doing this, but my tasks still imported ok.
  • Back on the phone, tap “Sync now” again.
  • Voila! Your original tasks are now in Google Tasks!