My Journey to Better Privacy (Part 5: Email)

Introduction

If you’ve been following along, then you know I’m on a quest to increase privacy across my digital life. The next stop on that journey is email. This system of communication has become so ubiquitous that we hardly give it much thought. We communicate over it with service providers, friends/family, random blogs, and any number of other entities. Since it’s a digital form of communication some get a false sense of its security, but that couldn’t be farther from the truth. Let’s take a moment to look at the current state of email in 2019.

How It Works

It’s sometimes easy to take for granted how digital communication works these days. We assume that what we’re writing is only being seen by ourselves and the intended recipients. But that isn’t necessarily true, especially in the case of email. In fact, it might be helpful to visualize email as more akin to its physical cousin, snail mail. A friend of mine once said it’s best to consider any email you send to be like a postcard. When you send a postcard it is secure in your house, and therefore somewhat safe. You then place it in the mailbox and send it off through the post office routing system. Along that route it passes through many hands. Those who have malicious intent, or are just nosy, could read it any time they want. Eventually it comes to your recipient’s house, where it is then again somewhat safe due to being in their residence. The same is true with email. Your mail provider places a lot of effort into securing their servers with encryption and other measures. However, once your email leaves there and is being routed to the recipient’s mail it is open and vulnerable. Once it arrives there are measures that keep it safe on the destination as well, but in between it’s basically completely open. Besides all of that, your mail provider likely uses data mining on your emails in order to serve you targeted ads. So even when the email is “safe” it is still being accessed by other parties.

The lesson here is that email should NEVER be considered private. Don’t put anything in email that you wouldn’t put on a postcard.

Safeguarding Email

There are some options for locking down your email and making it secure. Mostly this means using an encrypted service. Providers such as ProtonMail (great review here) offer end-to-end encryption, meaning that even they can’t see your email. There is a web client to securely access the service, or you can download their mobile apps. There are shortcomings in comparison to the convenience you’re used to (such as searching for a subject), but overall it’s a great way to secure your email.

The Downside

If it’s so great, why isn’t everyone using it instead of data vacuums like Gmail? Well, there are reasons. Remember our postcard scenario? Imagine if you sent someone a postcard and they received it just fine but couldn’t read it. With secure email services your recipients cannot read your emails unless you provide them with a password or public key to decrypt the messages. There aren’t a lot of friends that would do that just so they can receive email from me, much less people I barely know.

Also, your email is now sitting on their provider’s servers. Even if ProtonMail takes steps to ensure they can’t read your email it doesn’t mean your friends’ service lives up to the same standard. And any email they send to you will definitely have all of the same pitfalls of normal email. Plus, if someone forwards the email on then all bets are off.

Lastly, if you forget your password then all of your email is lost to you. This is the blessing and curse of ProtonMail not having access to your mail. They can’t snoop on you, but they can’t recover it for you either.

Conclusion

So, what’s a privacy-focused nerd to do? Even though services like ProtonMail aren’t as easy to use as traditional ones that doesn’t mean you should ignore them. As the funny taco commercial once said “Por que no los dos?”. Use ProtonMail for sensitive business emails or personal ones containing identifying information, and keep your usual service for all the spam you get from Old Navy and emails coordinating pot lucks. If you want to keep those from being data mined, swap to something like an iCloud address. It’s run by a major corporation too, but they don’t scan your email the way Google or Microsoft does.

Personally, I already stay away from putting anything in email I don’t have to. I prefer to use secure messaging systems for personal contacts (iMessage or Signal). If secure information needs to be emailed, you can always place it on a cloud storage service that is encrypted and then send them its link. This reduces the amount of storage being used on both email services (sender/recipient), lets you configure the link to only be accessible to certain individuals (either read or write), and lets you bypass the insecure digital postal system already discussed.

Be mindful of what you’re sending and how. And choose the option that works best for your situation.

My Journey to Better Privacy (Part 4: Digital Assistants)

Intro

Since the time I was a child the idea of robotics and automation has appealed to me. When digital assistants started to hit the scene I was stoked. I imagined myself controlling my home like Tony Stark with Jarvis. I tried to hold out for a good Siri solution, knowing that Apple makes quality products and that they are generally more privacy focused. But $400 is way too high for a smart speaker and Siri, bless her heart, is way behind the rest of the class in terms of intelligence. I ended up going with Amazon’s Alexa and have really enjoyed the experience.

At this point in time my investment in the Amazon Echo ecosystem is not insignificant. We are the owners of the full-size Echo 2, an Echo Spot (the alarm clock one), and the 2nd generation Echo Dot (the hockey puck). I even had a second Dot, but have since gifted that to my in-laws. Added up that’s a decent dollar investment (but still hasn’t reached the price of one Apple Homepod). With these devices I’ve been able to have music that plays throughout our house, control a number of lights by voice, have a simple intercom system, and more. An additional perk is that it lets my kids easily do things like turn on the lights in the scary basement from upstairs.

All of that to say, I have good reason to consider the privacy implications of digital assistants. And it could also be painful for me should I need to make a change. So you know I’m taking this seriously.

What Is The Worry?

After the initial rush of excitement surrounding digital assistants and their potential, a number of years have passed and important questions have come up in the mean time. Many people ask, if something is always listening for me to speak is it recording everything I say? Secondly, what is done with the recordings once your choice of tech companies has it? How long do they keep it? Perhaps most important recently is the question of human interaction. We always assumed that only machines interacted with our recordings, but it turns out that people do as well.

Some of these concerns are valid and some simply aren’t. Let’s start by taking a look at how these devices work, and that will help us separate out truth from myth.

How It Works

Honestly, it’s really very simple. In the case of smart speakers, or anything that uses a wake word (Alexa, Hey Siri, Ok Google), the device listens to everything said around it. This happens locally on the device, and it completely ignores anything other than the wake word. When the wake word is recognized, that is when it reaches out to the company’s servers. Any sound during the listening period is recorded and sent up to these cloud servers. That is where all of the smarts are (which is why the devices can have such low power hardware). Using sophisticated language processing, machine learning, etc their systems determine what you’re saying and how to best respond. Any number of things are triggered from there, and whatever you requested happens. That’s it. To summarize: Wake word, snippet sent to cloud, action taken. The companies then take a small percentage of the millions of recordings they receive, somewhat disassociate it from user accounts, and have people work with them to make their language processing smarter.

There are a few key takeaways from this knowledge:

  • The device dumps EVERYTHING it hears unless the wake word is registered. It is NOT recording everything you say.
  • The request is processed by machines. No human interaction is involved.
  • Though people are involved in training the system to be smarter, and that allows them to hear recordings, it is with an astoundingly small portion and your user account is partially decoupled from the recordings at that point.
  • It’s worth noting that Apple is more privacy conscious with its operations, such as tying recordings to a random identifier rather than your user account and doing as many operations locally as possible rather than in the cloud.

What Concerns Remain?

Having said that, it does not mean there aren’t real concerns. In our experience the devices can wake at very random times where we definitely did not say “Alexa”. At first this is just annoying (and a little creepy). The more you dwell on it, though, you start to wonder exactly what it’s picking up. Some have raised the point that personally identifiable information could be overheard, or bank numbers, etc. Sometimes I wonder if it picks up my children’s conversations. Not that they’re saying anything nefarious, but I don’t really want them recorded. Also, you just never know how anything you say will be taken if heard out of context. In today’s society people get really worked up about opinions they don’t agree with. Who’s to say it won’t overhear a conversation that isn’t politically correct, and then the workers might tie it back to you? What if something is acceptable now but in a decade is practically a thought crime (token 1984 reference)? One should always be careful of what they say, but this adds newer and potentially more dangerous considerations. Words you barely thought about almost instantly become data that is globally distributed and perhaps perpetually retained.

Most companies have built mechanisms to let you delete recordings from your account, but that doesn’t mean they’re completely purged. In the end it’s really up to them how long they’re going to keep the data and what uses they’ll have for it. The recording is on their servers and out of your hands.

After the outcry over having people listen to recordings most of those programs have been suspended. I can’t imagine that will last, though. I’m honestly not certain you can properly train the system without sampling recordings. That’s just the nature of how this technology works. They should have disclosed this better and potentially had their employees act more professionally (like not passing around amusing recordings), but it’s simply a reality.

Considerations For Balance

How much all of this matters to you is going to be a personal choice. Everyone has different thresholds for what they consider to be private conversation and how much they care they’re overheard. In many areas of life my wife is my touch point to reality. I can get very lost in the internal academic debate and become completely disconnected from the real world. While wrestling with these subjects in regards to our own home I asked if it bothered her, and she responded something to the effect “not even once”. Just now I asked her what she thought we should do and she said “I don’t even care”.

Another thing to consider is how deep down the rabbit hole you want to go. If you’re worried about devices listening to you without your permission, stop to consider the ones that are already part of your daily life. Every cell phone (smart or not), laptop, smart watch, and many desktops have mics in them. A bad actor could activate any one of those without your knowledge. It’s already been done before with webcams. Facebook, Google, and likely the goverment already have an astounding amount of information on you from multiple sources, verbal or not. And you could just mute or turn off the devices should you need to have a private conversation.

Conclusion

When you put everything together it’s a balance of obtaining the functionality you want vs the information you volunteer. For me that means, as painful as it is, Alexa and I will have to part ways. I really didn’t want that to be the case, and I even wrote up this article originally stating that I was going to keep her. But that didn’t sit well, and here are the main reasons why:

  • Conversations unintentionally overheard: There is no way around it, these devices often think you’re speaking to them when you’re not. That leads to us being recorded when our guard is down, and as stated before the information is then out of our hands and within Amazon’s control. For whatever reason this seems to happen much less with Siri, so I’m not as concerned about our phones, etc having it enabled.
  • People reviewing recordings: Only Apple’s system truly decouples your recordings from your personal information, so theirs is the only one I’m comfortable with in this regard.
  • There is no feature we can’t live without: We did a week trial without the devices and there was surprisingly little impact. A few smart home tasks are more annoying to do with the phone or watch, but overall life went on pretty much the same. Having the Jarvis effect is fun, but not something I’m willing to trade our privacy for.
  • No peace of mind: I mentioned this in the web browser discussion too, but peace of mind is very valuable. No matter how much I run over the facts and come to terms with them, something in the back of my mind was never comfortable with Alexa. Being without that internal battle during our week long test was refreshing, and a part of me has known since starting out with Alexa that something felt off about it. Maybe it’s paranoia, or maybe it’s instinct. Only time will tell I suppose.

So going forward the only digital assistant in our lives will be Siri. She’s not the smartest, and the Apple Homepod is absurdly expensive. If they go on sale or Apple produces a lower cost Echo Dot competitor then I’ll jump on board. In the mean time we just use our phones or watches for the same tasks. And if worse comes to worse, we walk across the room and hit a physical button. Turns out that’s still a completely viable option.

Update (09/08/2019)

A few weeks have gone by since I posted this article and I’ve now changed my position on our Alexa devices. This is because of a couple of key reasons. First, Amazon will let you opt out of having humans review your recordings. Second, I thoroughly reviewed my own article above and concluded that my decision leaned more on the paranoid side than the cautious.

TLDR, all of the information above is still true and valid. But the value vs risk index tips in favor of us keeping Alexa rather than dismissing her, especially as Amazon comes under increasing pressure to make sure she guarantees our privacy. As noted above, my family has received a ton of benefit from using these devices (my children have literally been begging me to put them back). We feel comfortable with the way the technology works and the benefits we receive from using it.

Getting Started As A SQL Server Professional

I’ll never forget when I first started working with SQL Server. After the initial excitement of diving into something new I launched SSMS and then just sat there looking at a blank query window, with no idea what to do next.

I see a lot of questions online regarding how to get started as a SQL Server professional. Either they have an interest in data and are looking to make a career out of it, or very often they’re in an entirely different role and their company throws data responsibilities on them as well. (Many of us are “Accidental DBA’s”.) In either case, it can be a daunting prospect at first.

I’m here to tell you that you’re going to be fine. Not only is there mountains of information available, but there is also a community of data professionals who have been in your shoes and are more than willing to help you find your way. This article serves as a bit of a foothold, a launching point of sorts to direct you toward those resources and get you moving.

Community

This might seem like a strange place to start, but I think it will help you to begin here. We tend to be loners as IT people, hiding in our dark corners and interacting with others as little as possible. But there is a wealth of knowledge out there held by your colleagues, and many of them are eager to share it with you. Your first step as a young SQL Server professional should be getting connected with PASS. This is the Professional Association for SQL Server, and they have a number of resources to help get you the training you need. There are user groups, both physical and virtual, SQL Saturday events, as well as the yearly PASS Summit. Getting connected with them early on in my career was a tremendous blessing to me, and I know it would be to you as well. Half the battle is not knowing what you don’t know, and they have resources for every level of your career whether you’re a complete beginner, intermediate, or advanced.

Also, one thing you’ll learn at PASS is that the SQL Server community is very active online. You can easily connect with them via Twitter or Slack. On Twitter, just search for #sqlhelp. World-class professionals watch it throughout the day to provide feedback and assistance. This includes many of those that speak at PASS Summit and other events.

One last note on community: don’t be afraid to ask questions. Everyone has been new, it’s okay.

Online Resources

There are a couple of resources that I did not find until much later in my career, and I wish I’d had them sooner. One is w3schools. This site gives a great tutorial of the SQL language, and will get you well on your way to making good use of it. A second is SQL Fiddle. This is a fantastic resource, especially for those that do not have a sandbox environment to practice in. It lets you build schemas of various database types (MSSQL, MySQL, etc) and test your query syntax against them. When you’re just starting out with the SQL language, these two sites combined are a great way to practice.

Another great website for new SQL Server professionals is Brent Ozar’s. There is a “Free Fundamentals” section on his training page. He is also well known for his Blitz scripts, which allow you to quickly ascertain the health of a SQL instance and take care of common issues. All of his First Responder Kit is available to download for free.

Also, don’t forget about YouTube. There is a ton of great content out there, including big names like Microsoft and PASS.

Books

Not every learner is the same, but for me books were what first helped me really start to understand SQL Server in depth. The Training Kit and Exam Ref series by Microsoft are very good. The Training Kit is what I used at the time, starting with the one for the exam I wanted to take first. I read it cover to cover, passed the exam, then did the same for the next one. There are a lot of boring stretches along the way, but in the end you cover a wealth of information.

I also see Itzik Ben-Gan recommended a lot, particularly his T-SQL Fundamentals book. Incidentally, he also co-authored some of the books mentioned above.

Conclusion

There are a great many other resources out there as well, these are just a few that I’m aware of and that have been beneficial to me. I’ll be asking the community to contribute to this as well, so stay tuned for updates!

My Journey to Better Privacy (Part 3: Social Networks and Messaging)

Intro

I’m on a journey to improve my online privacy. Search engines and web browsers have already been covered in previous posts. What discussion on this topic would be complete without Social Networks (Facebook, Twitter, Instagram, etc)? I’m also going to include messaging along with them because they often go hand in hand (ie Facebook Messenger).

Why Does It Matter?

Social networks encompass a large portion of our online activity, and ironically are also one of the main outlets through which we hemorrhage data. Besides the risks incidents like the Facebook data breach present, why are we okay with giving the social networks themselves so much data? Even if you follow the argument that you’re a good person and have nothing to hide, it’s still disturbing to have a random party repeat back to you what you ate for lunch. Yet we tell things to audiences of thousands, and that data gets spread to servers around the globe. We have seen in recent history how old year books from high school and college have affected people’s careers. What if a decade from now what you’re freely laughing about with friends is completely socially unacceptable? There is a timestamped record of it anyway, and your picture is likely along with it in full HD. In the same vein, what if laws later change around the governance of that data and third parties such as governments or others can freely access it? The point is, we don’t really know how the accumulated data of our lives is being used today, much less how it will be in the future. Also, studies have shown that social media is just plain bad for you.

What Am I Going To Do About It?

Delete all my accounts!!! Just kidding. I’ve actually been down that road before due to a mixture of privacy concerns and trying to engage with people in person more. In the end I came back, and I don’t plan to delete them again. This may sound outrageous given this post is about privacy, but if you will remember I stated at the beginning of this journey that I was trying to strike a balance between full tin foil hat paranoia and living effectively on the internet in 2019. In my specific situation, I have family and friends scattered around the country and globe. I don’t often get to see them in person, so Facebook is a very effective way of keeping in touch with them. Also, groups we are a part of coordinate heavily through it, such as our Sunday School class at church. I use Twitter, Linkedin, and others to stay in touch with the tech community and post (hopefully) helpful information such as the entries on this blog. So, in the end a complete burn-it-to-the-ground deletion would not be the smartest move for me.

I have found over time, however, that there are ways to severely limit what information I give to social media. The first has nothing to do with technology, it’s discipline. I make a practice of only saying online things that I wouldn’t mind a crowd of strangers overhearing. Sometimes I remember this more than others, but overall the idea is to simply be careful what you say. Second, I use a web browser and plugins that block website components that want to spy on me, including those connected to Facebook’s like button that appears on almost every page. On mobile devices you can use apps such as Friendly to still get the social network content without as much bloat and spying.

There are additional steps I’m implementing, however. This is after all a journey forward, not a review of steps I’ve taken in the past. First, I’m setting a specific time frame during the day to be my social media window. I’ve gotten far too comfortable with randomly accessing it throughout the day the moment I experience more than a second of boredom. I think we would all benefit from learning to curb that impulse, and regaining some of the ability we’ve lost to simply just “be”. Second, in order to help reinforce this first goal I am going to remove the apps from my phone. I’ve tried this in the past unsuccessfully, because I would simply log into the web version. But this too is more about discipline than technology. Tech can make a lot of things more convenient, but our choices are still up to us. As a side benefit, I’m looking forward to increased battery life and mental focus.

As mentioned up front, I’m including messaging in this effort as well. I think it is even more sneaky in regards to our data, because we get the false sense that it’s private. You’re having a conversation with those closest to you, forgetting that any number of unknown entities could at some point access all or part of that conversation. I’m taking the same mitigating steps with messaging as those listed above. But I’m taking one additional step of only using messaging platforms that include end-to-end encryption. That means that your messages are protected on your end as well as the recipient’s, and no one in between (including the company hosting the service) can read them. For me that means using iMessage and Signal. iMessage is only available on Apple products, but Signal is cross-platform.

Conclusion

In the end my choices might not match what makes sense for you, and that’s okay. This approach allows me to stay in contact with family/friends and coordinate with groups who are heavily invested in Facebook as a communication platform. But it also allows me to reduce both the amount of data I put into these companies’ hands and the amount of time their products take away from my life. It also ensures that my personal conversations aren’t snooped on. I’m a boring guy with nothing to hide, but I’d still be creeped out if a stranger asked me about where I went on vacation.

My Journey to Better Privacy (Part 2: Browsers)

TLDR

My Recommendation: Firefox, with the extensions HTTPS Everywhere, uBlock Origin, Firefox Multi-Account Containers, and Cookie AutoDelete
Privacy Simplified: If you just want privacy out-of-the-box and don’t care that it’s based on Chromium, go with Brave.
My Mobile Recommendation: Safari with Firefox Focus enabled as a content blocker, or Firefox depending on your preference.

Intro

If you read my previous post, you know that I’m on a journey to achieve better online privacy. Much like with search engines, web browsers are something that I’ve been considering for years. I tend to be drawn towards Chrome for its features and the fact that most sites are built to work with it. Then I become more privacy conscious and move to Firefox, with several addons enabled. Some point either after or before that I use Safari because of its integration with my devices (we’re basically an all-Apple house).

I wanted to make a concrete decision this time, though (or at least as concrete of one as can be made when technology changes so drastically from year to year). For that reason, I’m putting my thoughts down in writing and sharing them with you. It’s an accountability mechanism of sorts. Also, I sincerely hope that it benefits you as well.

*One small note before we get started. There are a LOT of browsers out there. I’m only going to cover the top few that tend to circulate through my life and that I think the mass majority would consider.

Chrome

Almost without doubt, if you’re asking which browser is going to be fastest and work the best it’s Chrome. Depending on which stats you look at, it has up to 75% of the market share, and for good reason.

By StatCounter – http://gs.statcounter.com/browser-market-share#monthly-200901-201905, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=80089473

But, how is it in regards to privacy? After all, its maker Google has come under a lot of scrutiny in that area over the last several years. Even The Washington Post basically called it spyware. They’re an ad business, using their “free” services to collect mountains of data to fuel that business, and Chrome is just a tool to help direct people towards contributing to that. It’s also becoming a bit of a monopoly as well, to the point where developers only code for it to the exclusion of other browsers. For these and other reasons, many (including myself) are highly suspicious of letting it pilot our journey through the web.

However, they haven’t left users completely without options. If you’re willing to look for the options in settings then you can turn off a lot of the snooping. Also, Chrome has one of the richest extension libraries, so you can add a number of those that will greatly enhance its privacy capabilities.

I for one remain too skeptical to embrace it as my daily driver. I truly wish that weren’t so, because it’s probably my favorite overall. But it just doesn’t sit easy with me.

Firefox

I’m going to be a lot more verbose concerning Firefox, because it is basically the measure by which I will judge all the others. It has a long history of fighting web browser monopolies and is basically a household name at this point. Below are some of the reasons it stands out to me.

Open Source: It is not the only option I’ll discuss that is open source, but it’s probably the most respected in the open source community. I’m not someone who will say non-open-source is evil (I’m writing this from a Mac), but I do think it’s something we should promote as often as possible. This is especially true in regards to the web. At this point in our culture the internet is almost like a utility. It houses essential resources for communication, productivity, education, and so on. It’s my belief that an open source browser from a non-profit company is better positioned to safeguard that than an offering from a large corporation which has special interests.

Defenders of the open web: Continuing off the point above, Mozilla (the maker of Firefox) has a long history and deep commitment to keeping the web open. Because they aren’t selling ad services, they can freely support ad blockers unlike Google is doing. They also sponsor lots of events to educate people on how to interact with, and contribute to, the web community.

Cross-platform: Firefox will run on Windows, Mac, or Linux. You can also have it on Android or iOS devices. If your life doesn’t reside all on one platform (as most people’s doesn’t) you can still use Firefox and sync your data across all devices.

Not Chromium based: Chromium is the open source browser that Chrome is built on. It’s basically Chrome before some Google-specific components are added in. As already mentioned above, Chrome is becoming a bit of a monopoly. There is NOTHING wrong with building a browser on Chromium. Several fantastic browsers do that. However, it further contributes to this monopoly. The more Chromium-based browsers there are, the more developers code to only that platform. This leads to the exclusion of other browsers. When users hit issues they think “Why is this browser terrible?”, not “Why isn’t this site built better?”. This continually funnels more people towards Chromium based browsers, where the sites “just work”. And in the end Google has gained more control over how the web behaves than any one company should have. Firefox, however, uses its own engine and it’s fantastic. For a deeper look at the pros and cons of using Chromium-based browsers, this article is a great read.

Extensions: Honestly extensions are almost what make a browser in regards to privacy. And Firefox has a WEALTH of them, in addition to the privacy features already built in. Don’t get me wrong, Chromium-based browsers do as well via the Google Chrome Web Store. But, that continues the Google snowball that I’ve already discussed. Firefox is known for being extremely customizable, much of which comes from its extensions. You can go full-on tin foil hat with them or use none at all. Below is the list that I have found to be a good balance between completely open and so secure that the internet is unusable:

  • LastPass (Password management)
  • HTTPS Everywhere (Resends your requests using the encrypted URL instead of the standard one)
  • uBlock Origin (Blocks ads and tracking from Google, Facebook, and others)
  • Firefox Multi-Account Containers (Keeps cookies in silos so that sites can’t use info from other ones to track you)
  • Cookie AutoDelete (Every time you close a tab it deletes the cookies associated with it, so that they don’t linger and become used in malicious ways)

Containers: Continuing off of the extensions discussion, I’d like to expound a bit more on the Multi-Account Containers made by Firefox. This is one of the key features specific to Firefox that no other browser has. I can have my work, social, banking, search, and other sites open in their own little silos. That way none of them mixes together and uses each other’s cookies to spy on me. It really is a fantastic way of walling off information from those with ill intentions. There is a bit of work up front to tell it which containers you want sites to open in, but thereafter it will use them automatically.

Conscience: Last but not least, it just sits well with my conscience. Maybe it’s just me, and others might not put a lot of stock in it, but there’s something to be said for having peace of mind.

So what are the downsides? Let’s not pretend there aren’t any. As mentioned before, you will likely run into more issues with sites not working than with a Chromium-based browser. Who’s fault this is doesn’t really matter, in the end the result is encountering more problems. Ones that likely won’t go away. Secondly, it’s just not as polished in general. The Quantum rewrite took it forward leaps in both speed and performance, but it still seems to lag more and be less smooth overall.

How much any of these cons matter to you will largely depend on how hard-core you want to go with the privacy push. Without a doubt, you can’t go wrong with Firefox when looking for better privacy and security.

Safari

Safari is actually quite a good browser these days, and also very privacy focused. Apple has realized that privacy is a niche where they stand out in a good way. Whether they intended to do that for the sake of the users or just ended up there by happenstance, nobody knows. But they’re milking it.

There are a bunch of small features that make Safari appealing in my Apple-integrated world. Chief among these are:

  • Reader mode (Other browsers have one, but this one is the best)
  • Text shortcuts (Every time I want to input my email I simply type “eml” and hit space. The same is true for address, phone, etc. This saves a surprising amount of typing and syncs across my devices.)
  • Seamless syncing with my other devices
  • Built-in reading list
  • Beautiful design and performance on both desktop and mobile

Add to the items above that you can add extensions, plus other capabilities through App Store apps, and Safari is a solid option. You’re probably wondering at this point why I don’t use it given all the bragging.

As with all things, it has its downsides as well. One of the major ones is a less robust extension library. Some of the major players like uBlock Origin is there, but things like HTTPS Everywhere are not. And some that are present don’t work quite as well within Safari for whatever reason. Also missing is a way to manage cookies by tab. I have purchased a separate program named Cookie 5 that will delete them on close of the browser. But I use my browser all day long, and that is a lot of time in between for sites to use my cookies in ways I don’t desire.

So, though Safari provides the best experience overall, I’m sad to say it doesn’t fit well enough into my privacy-focused world.

Mobile is a different story. Apple locks developers into using their web engine on iOS, so no matter what browser you’re using it’s basically just Safari reskinned. Adding in a content blocker like Firefox Focus gives you the ad blocking and increased privacy you want. Also, nothing else matches the smoothness and integration of Safari on iOS.

Brave

One of the standout Chromium-based browsers is Brave. I’ve been testing it it out and REALLY like it. This browser’s company was started by the co-founder of Mozilla, Brendan Eich. Its focus is on providing out-of-the-box much of the security/privacy that others offer via extensions, and also on solving the issue of website ads. It has a novel approach where publishers and users opt into a network where users are rewarded for surfing and can give some of that back to their favorite content creators. In this way you eliminate targeted ads and much of the privacy issues that accompany them.

Honestly, it seems like a great browser. It’s definitely a great solution for the not-so-techy folks who just want better privacy. Many of the functionalities I described in my favorite extensions above are built right into the browser, among others. If a site isn’t working well, just click the “shields down” button to allow it to work as normal. Also, it can install any plugins from the Google Chrome Web Store.

The only hangup for me is that it’s Chromium based (which was discussed at length above). Also, the mobile app isn’t awesome. It’s getting better, but still not quite to the level as that of Firefox. If those things don’t bother you, get it. I think you’ll enjoy it.

Conclusion

All of that to say, in my opinion Firefox best fits the bill for a privacy-focused world view. It’s the only browser that allows you to silo websites, manage cookies per-tab as I close them, isn’t built on Google software and therefore isn’t controlled by them, and comes from a company that is well positioned to put the needs of the users first.

I won’t be offended if you don’t agree. There are as many opinions as there are browsers. But I hope that sharing this is thought provoking and will assist in your own journey to better privacy!

In the end it’s not which browser you use that protects your privacy so much as 1) where you browse to and 2) being mindful of how the web works. To that end, pick one with a track record for being secure, pick reputable addons to enhance its capabilities, and browse smartly.

Update (09/18/2019)

Apple has been leading the way with blocking cookies in Safari, and now Firefox is following suit. I also conducted my own little test using https://www.deviceinfo.me/ to see exactly what information websites could pull about me. Without any privacy addons installed Safari gave up less information than Firefox did, even when configured as I’ve mentioned above.

All that to say, Safari is becoming a very good option for privacy if you live fully within the Apple ecosystem. Everything I’ve said about Firefox above still holds true, but Safari is a much better option these days than it once was.

Administering Azure from PowerShell Core

Introduction

Not long ago Microsoft proclaimed to us that they love Linux. And while many remain skeptical of that assertion (and not without reason), the tech giant is continually pouring more time and resources into the open source world. One of the really exciting products of this (to me at least) is PowerShell Core. Not only can I now program with my favorite scripting language from Mac or Linux, I can interact with services like Azure. In fact, Microsoft’s own Azure Cloud Shell runs PowerShell Core, so it’s no side mission for them. Let’s take a look at using it to connect to Azure from a non-Windows environment.

Install PowerShell Core

To start out, we’ll need to install PowerShell Core.

# Download the Microsoft repository GPG keys
wget -q https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb

# Register the Microsoft repository GPG keys
sudo dpkg -i packages-microsoft-prod.deb

# Update the list of products
sudo apt-get update

# Enable the "universe" repositories
sudo add-apt-repository universe

# Install PowerShell
sudo apt-get install -y powershell

# Start PowerShell
pwsh

Now we have PowerShell on Linux!

Next, we will need to install and import the ‘AZ’ module for working with Azure.

Install-Module -Name Az

Import-Module Az

Alright, now we’re ready to rock. Let’s get connected up to Azure using Connect-AzAccount. That will give us a prompt like the one below, supplying a code to be used for connection.

Supply your Azure credentials, and your machine should now be connected.

Now, we can interact with our Azure environment!

Microsoft has done a fantastic job with making PowerShell Core and the Azure cmdlets available on non-Windows systems. It’s a trippy experience to be working with them from Mac or Linux, but I’m excited for the possibilities ahead!

My Journey to Better Privacy (Part 1: Search)

Introduction

The subject of privacy, for me, is one I’ve been more or less dodging for a long time. It’s something I feel strongly about. I make half-hearted attempts at improving it now and then. But overall I’ve mostly let it go by the wayside. It’s really easy to retweet statements by privacy-focused groups or to make recommendations for what others should do. But when it comes to true and meaningful lifestyle change, it’s tough. There is always a rationalization for why it just isn’t worth it.

And so here we are, time to stop making excuses. I’ve decided to set out on a journey to better privacy. In all of life I’ve discovered that taking things in small steps is always more successful for me than changing all the things at once. So I’m going to take one area at a time and tweak it to be more privacy-focused. As I do so I’ll also be discussing with you the pro’s, cons, and flat out pain of each step. But, at the same time there is always the question of how thick you make the tin foil hat. I’m a tech-oriented person that works in a tech-oriented field. Because of my level of exposure to electronics and the internet I will never fully have privacy. I will, however, be trying to strike a balance between obtaining optimal levels of privacy and being able to live a somewhat normal life.

Step 1: Search

The first step on this journey is swapping my search engine. I chose this to be the first one as an easy entry point, because I’ve done it off and on in the past. Over the years it’s become very apparent that Google is not our friend. They are not a tech business that are our buddies. They are an advertising business that’s using our love of free, high-quality software to soak up unthinkable amounts of data. DuckDuckGo, however, is the closest thing in modern day to what a search engine should be. I should have swapped to it permanently a long time ago. Because I’ve struggled with this already I can go ahead and tell you the up and down side.

The Pros

DuckDuckGo provides what you actually want from a search engine, search results without having your essence sucked away as you use it. They don’t track you, ever. Your searches are yours alone. Secondly, they don’t contextualize your search results based off data collected about you (further locking you into your own echo chamber). Most of us probably don’t even realize how tailored our results are to the information Google has on us. Does this provide extremely relevant results? Yes, but at what cost?

TLDR: It’s not watching you like a creep.

The Cons

What? You’re recommending something to me and it isn’t perfect??? How dare you Landon!

No, DDG isn’t perfect. Neither is Google, we’ve just gotten so used to it that we don’t even notice. I mentioned above that I’ve made multiple attempts at swapping. Each time I would be led by my convictions and eventually bow to convenience. Google searches are just GOOD. I mean, flat out really good. If I search for something in DDG and don’t almost immediately find it in the first 1-3 results then I get frustrated and run it in Google. It’s just the way we’ve been conditioned to operate. But, when I run it in Google I almost always find it right away. During most of my IT career I’ve been in a support role, and finding the correct answer right away outweighed my privacy concerns. Then, if I was going to do it with work I justified doing it with my personal devices too.

So what’s different this time? I’m currently in a role where I’m not under pressure to find results instantly. I can take the necessary time to adjust to how DDG operates and give it a chance to give me what I need on result 4 or beyond. And as I’ve done that, I’ve honestly found that what I need is there if I will take the .05 seconds of patience required to look for it. I’ve heard from others that, over time, as Google is given less info on them then the two providers have much more similar results.

One last area of challenge is that this will apply only to me. My wife has been extremely resistant to swapping to DDG in the past and I don’t expect that to change now. This is actually something you’ll face at every turn when trying to live a more privacy-focused life, those you interact with the most will be reluctant. The truth is that the average user just doesn’t care, and ones that consider it find the transition pain enough of a barrier to stop.

TLDR: There will be a period of adjustment because Google is so freaking good, but keep in mind what you’re giving Google in return (do you even know?).

TLDR

I’m swapping search on all my devices from Google to DuckDuckGo, and you should too. Drop the creepy guy looking over your shoulder (probably with a weird mustache) and keep your searches to yourself. Learn more about DDG here.

My First Mobile App

Over the last several months I’ve been on a journey to a) learn Swift and b) create my very first mobile application. And I’m proud to announce that it is complete!

Named “The Simple Workout”, it is exactly that. Just a simple, randomized workout using bodyweight exercises. It’s based loosely on the card deck workout, where you draw a card and use its suite for the exercise type and number for the reps. But, I’m lazy… Instead of remembering which suites go to which workouts, and having to keep up with a deck of cards, I just wrote an app where I can simply hit a button.

In celebration of creating my first app (and to celebrate Independence Day) I’m releasing it for free! So please download it, enjoy, and be sure to send me any feedback you have on issues or suggested improvements.

I’m only releasing it to the iOS App Store currently, but I’m open to a new learning experience down the road that would lead me to port it over to Android.

DISCLAIMER: Please consult a doctor before performing any physical activity that might endanger your health. This app is provided as-is, makes no guarantee of results, and is to be used at your own discretion.

Download for free here.

App Privacy Policy

Privacy Notice

This privacy notice discloses the privacy practices for apps developed by me.

Information Collection, Use, and Sharing

Data is not collected, used, or shared.

Your Access and My Security Measures

No data is collected, therefore no access or security is needed.

Life in the Key of E

Many years ago, sometime during high school, I set out to learn guitar. This was in the days before YouTube, so all I had to work with was an antique book of my dad’s. Utilizing that, and eventually the internet, I picked up four or five chords and was feeling pretty good about myself. E (or perhaps E minor, I forget which I learned first) was instantly my favorite. When I played it the sound just resonated with me. As time went on I would learn a couple of basic songs, but mostly I would just wing it, combining different cords to make up a tune. Often this revolved around E.

After a couple of decades I’m still at basically the same skill level that I attained in college. Sure my strumming has improved and I picked up a couple of tricks, but I’ve learned no more chords and still for the life of me cannot remember any actual songs. This has been a source of great frustration for me. I don’t like to fail, and it has bothered me to no end that my mastery never reached the level of others I know. Most guitar players can pick one up and play a favorite song or two, even those that know fewer cords than I do. The majority of my time with the guitar is spent simply playing the E chord, with variations thrown in by lifting one finger to make it E minor. I think it sounds pretty good, and I thoroughly enjoy jamming out in this way, but I definitely feel like a loser in regards to the guitar.

In recent years God has allowed me to see how this parallels my life. I’m a very thought-oriented person. Because of this, I tend to decide who\how I should be and then set out to make that happen. I will work tirelessly in pursuit of the course of action I believe to be best, and throw myself headlong against any obstacle that threatens it. To the great surprise of my adult self, that doesn’t always mean success. There are areas that I was certain were to be my primary focus but I’ve seen very little growth or success in them over the years. This is especially sad because I was doing them in service to God, for His Kingdom. However, there are areas I’ve completely ignored that have flourished without me even paying them direct attention. Those taken-for-granted skills and interests developed naturally despite being secondary in focus. It’s almost like I couldn’t help but be good in them. You might say they just resonated. And, funny enough, they also opened more opportunities to speak with people about Jesus than any of the areas I had tried to force open.

So, what am I trying to say? Follow your heart and be the truest version of yourself? No, that crap comes from Disney movies. Your heart is wickedly deceptive and can’t be trusted to steer itself (Jeremiah 17:9). What I am saying is that you were fearfully and wonderfully made by an infinitely wise God. Seek Him, be yourself, and let Him use it in mighty ways. Don’t feel like you have to pattern yourself after this pastor, or that leader, or some successful person. “God is most glorified in us when we are most satisfied in Him.” (Piper) Be satisfied in Him, content with the strengths and weaknesses He’s given you, and play your song. Even if you don’t know a “real” song like the cool kids.