My Journey to Better Privacy (Part 4: Digital Assistants)

Intro

Since the time I was a child the idea of robotics and automation has appealed to me. When digital assistants started to hit the scene I was stoked. I imagined myself controlling my home like Tony Stark with Jarvis. I tried to hold out for a good Siri solution, knowing that Apple makes quality products and that they are generally more privacy focused. But $400 is way too high for a smart speaker and Siri, bless her heart, is way behind the rest of the class in terms of intelligence. I ended up going with Amazon’s Alexa and have really enjoyed the experience.

At this point in time my investment in the Amazon Echo ecosystem is not insignificant. We are the owners of the full-size Echo 2, an Echo Spot (the alarm clock one), and the 2nd generation Echo Dot (the hockey puck). I even had a second Dot, but have since gifted that to my in-laws. Added up that’s a decent dollar investment (but still hasn’t reached the price of one Apple Homepod). With these devices I’ve been able to have music that plays throughout our house, control a number of lights by voice, have a simple intercom system, and more. An additional perk is that it lets my kids easily do things like turn on the lights in the scary basement from upstairs.

All of that to say, I have good reason to consider the privacy implications of digital assistants. And it could also be painful for me should I need to make a change. So you know I’m taking this seriously.

What Is The Worry?

After the initial rush of excitement surrounding digital assistants and their potential, a number of years have passed and important questions have come up in the mean time. Many people ask, if something is always listening for me to speak is it recording everything I say? Secondly, what is done with the recordings once your choice of tech companies has it? How long do they keep it? Perhaps most important recently is the question of human interaction. We always assumed that only machines interacted with our recordings, but it turns out that people do as well.

Some of these concerns are valid and some simply aren’t. Let’s start by taking a look at how these devices work, and that will help us separate out truth from myth.

How It Works

Honestly, it’s really very simple. In the case of smart speakers, or anything that uses a wake word (Alexa, Hey Siri, Ok Google), the device listens to everything said around it. This happens locally on the device, and it completely ignores anything other than the wake word. When the wake word is recognized, that is when it reaches out to the company’s servers. Any sound during the listening period is recorded and sent up to these cloud servers. That is where all of the smarts are (which is why the devices can have such low power hardware). Using sophisticated language processing, machine learning, etc their systems determine what you’re saying and how to best respond. Any number of things are triggered from there, and whatever you requested happens. That’s it. To summarize: Wake word, snippet sent to cloud, action taken. The companies then take a small percentage of the millions of recordings they receive, somewhat disassociate it from user accounts, and have people work with them to make their language processing smarter.

There are a few key takeaways from this knowledge:

  • The device dumps EVERYTHING it hears unless the wake word is registered. It is NOT recording everything you say.
  • The request is processed by machines. No human interaction is involved.
  • Though people are involved in training the system to be smarter, and that allows them to hear recordings, it is with an astoundingly small portion and your user account is partially decoupled from the recordings at that point.
  • It’s worth noting that Apple is more privacy conscious with its operations, such as tying recordings to a random identifier rather than your user account and doing as many operations locally as possible rather than in the cloud.

What Concerns Remain?

Having said that, it does not mean there aren’t real concerns. In our experience the devices can wake at very random times where we definitely did not say “Alexa”. At first this is just annoying (and a little creepy). The more you dwell on it, though, you start to wonder exactly what it’s picking up. Some have raised the point that personally identifiable information could be overheard, or bank numbers, etc. Sometimes I wonder if it picks up my children’s conversations. Not that they’re saying anything nefarious, but I don’t really want them recorded. Also, you just never know how anything you say will be taken if heard out of context. In today’s society people get really worked up about opinions they don’t agree with. Who’s to say it won’t overhear a conversation that isn’t politically correct, and then the workers might tie it back to you? What if something is acceptable now but in a decade is practically a thought crime (token 1984 reference)? One should always be careful of what they say, but this adds newer and potentially more dangerous considerations. Words you barely thought about almost instantly become data that is globally distributed and perhaps perpetually retained.

Most companies have built mechanisms to let you delete recordings from your account, but that doesn’t mean they’re completely purged. In the end it’s really up to them how long they’re going to keep the data and what uses they’ll have for it. The recording is on their servers and out of your hands.

After the outcry over having people listen to recordings most of those programs have been suspended. I can’t imagine that will last, though. I’m honestly not certain you can properly train the system without sampling recordings. That’s just the nature of how this technology works. They should have disclosed this better and potentially had their employees act more professionally (like not passing around amusing recordings), but it’s simply a reality.

Considerations For Balance

How much all of this matters to you is going to be a personal choice. Everyone has different thresholds for what they consider to be private conversation and how much they care they’re overheard. In many areas of life my wife is my touch point to reality. I can get very lost in the internal academic debate and become completely disconnected from the real world. While wrestling with these subjects in regards to our own home I asked if it bothered her, and she responded something to the effect “not even once”. Just now I asked her what she thought we should do and she said “I don’t even care”.

Another thing to consider is how deep down the rabbit hole you want to go. If you’re worried about devices listening to you without your permission, stop to consider the ones that are already part of your daily life. Every cell phone (smart or not), laptop, smart watch, and many desktops have mics in them. A bad actor could activate any one of those without your knowledge. It’s already been done before with webcams. Facebook, Google, and likely the goverment already have an astounding amount of information on you from multiple sources, verbal or not. And you could just mute or turn off the devices should you need to have a private conversation.

Conclusion

When you put everything together it’s a balance of obtaining the functionality you want vs the information you volunteer. For me that means, as painful as it is, Alexa and I will have to part ways. I really didn’t want that to be the case, and I even wrote up this article originally stating that I was going to keep her. But that didn’t sit well, and here are the main reasons why:

  • Conversations unintentionally overheard: There is no way around it, these devices often think you’re speaking to them when you’re not. That leads to us being recorded when our guard is down, and as stated before the information is then out of our hands and within Amazon’s control. For whatever reason this seems to happen much less with Siri, so I’m not as concerned about our phones, etc having it enabled.
  • People reviewing recordings: Only Apple’s system truly decouples your recordings from your personal information, so theirs is the only one I’m comfortable with in this regard.
  • There is no feature we can’t live without: We did a week trial without the devices and there was surprisingly little impact. A few smart home tasks are more annoying to do with the phone or watch, but overall life went on pretty much the same. Having the Jarvis effect is fun, but not something I’m willing to trade our privacy for.
  • No peace of mind: I mentioned this in the web browser discussion too, but peace of mind is very valuable. No matter how much I run over the facts and come to terms with them, something in the back of my mind was never comfortable with Alexa. Being without that internal battle during our week long test was refreshing, and a part of me has known since starting out with Alexa that something felt off about it. Maybe it’s paranoia, or maybe it’s instinct. Only time will tell I suppose.

So going forward the only digital assistant in our lives will be Siri. She’s not the smartest, and the Apple Homepod is absurdly expensive. If they go on sale or Apple produces a lower cost Echo Dot competitor then I’ll jump on board. In the mean time we just use our phones or watches for the same tasks. And if worse comes to worse, we walk across the room and hit a physical button. Turns out that’s still a completely viable option.

My Journey to Better Privacy (Part 3: Social Networks and Messaging)

Intro

I’m on a journey to improve my online privacy. Search engines and web browsers have already been covered in previous posts. What discussion on this topic would be complete without Social Networks (Facebook, Twitter, Instagram, etc)? I’m also going to include messaging along with them because they often go hand in hand (ie Facebook Messenger).

Why Does It Matter?

Social networks encompass a large portion of our online activity, and ironically are also one of the main outlets through which we hemorrhage data. Besides the risks incidents like the Facebook data breach present, why are we okay with giving the social networks themselves so much data? Even if you follow the argument that you’re a good person and have nothing to hide, it’s still disturbing to have a random party repeat back to you what you ate for lunch. Yet we tell things to audiences of thousands, and that data gets spread to servers around the globe. We have seen in recent history how old year books from high school and college have affected people’s careers. What if a decade from now what you’re freely laughing about with friends is completely socially unacceptable? There is a timestamped record of it anyway, and your picture is likely along with it in full HD. In the same vein, what if laws later change around the governance of that data and third parties such as governments or others can freely access it? The point is, we don’t really know how the accumulated data of our lives is being used today, much less how it will be in the future. Also, studies have shown that social media is just plain bad for you.

What Am I Going To Do About It?

Delete all my accounts!!! Just kidding. I’ve actually been down that road before due to a mixture of privacy concerns and trying to engage with people in person more. In the end I came back, and I don’t plan to delete them again. This may sound outrageous given this post is about privacy, but if you will remember I stated at the beginning of this journey that I was trying to strike a balance between full tin foil hat paranoia and living effectively on the internet in 2019. In my specific situation, I have family and friends scattered around the country and globe. I don’t often get to see them in person, so Facebook is a very effective way of keeping in touch with them. Also, groups we are a part of coordinate heavily through it, such as our Sunday School class at church. I use Twitter, Linkedin, and others to stay in touch with the tech community and post (hopefully) helpful information such as the entries on this blog. So, in the end a complete burn-it-to-the-ground deletion would not be the smartest move for me.

I have found over time, however, that there are ways to severely limit what information I give to social media. The first has nothing to do with technology, it’s discipline. I make a practice of only saying online things that I wouldn’t mind a crowd of strangers overhearing. Sometimes I remember this more than others, but overall the idea is to simply be careful what you say. Second, I use a web browser and plugins that block website components that want to spy on me, including those connected to Facebook’s like button that appears on almost every page. On mobile devices you can use apps such as Friendly to still get the social network content without as much bloat and spying.

There are additional steps I’m implementing, however. This is after all a journey forward, not a review of steps I’ve taken in the past. First, I’m setting a specific time frame during the day to be my social media window. I’ve gotten far too comfortable with randomly accessing it throughout the day the moment I experience more than a second of boredom. I think we would all benefit from learning to curb that impulse, and regaining some of the ability we’ve lost to simply just “be”. Second, in order to help reinforce this first goal I am going to remove the apps from my phone. I’ve tried this in the past unsuccessfully, because I would simply log into the web version. But this too is more about discipline than technology. Tech can make a lot of things more convenient, but our choices are still up to us. As a side benefit, I’m looking forward to increased battery life and mental focus.

As mentioned up front, I’m including messaging in this effort as well. I think it is even more sneaky in regards to our data, because we get the false sense that it’s private. You’re having a conversation with those closest to you, forgetting that any number of unknown entities could at some point access all or part of that conversation. I’m taking the same mitigating steps with messaging as those listed above. But I’m taking one additional step of only using messaging platforms that include end-to-end encryption. That means that your messages are protected on your end as well as the recipient’s, and no one in between (including the company hosting the service) can read them. For me that means using iMessage and Signal. iMessage is only available on Apple products, but Signal is cross-platform.

Conclusion

In the end my choices might not match what makes sense for you, and that’s okay. This approach allows me to stay in contact with family/friends and coordinate with groups who are heavily invested in Facebook as a communication platform. But it also allows me to reduce both the amount of data I put into these companies’ hands and the amount of time their products take away from my life. It also ensures that my personal conversations aren’t snooped on. I’m a boring guy with nothing to hide, but I’d still be creeped out if a stranger asked me about where I went on vacation.

My Journey to Better Privacy (Part 2: Browsers)

TLDR

My pick: Firefox, with the extensions HTTPS Everywhere, uBlock Origin, Firefox Multi-Account Containers, and Cookie AutoDelete
Privacy Simplified: If you just want privacy out-of-the-box and don’t care that it’s based on Chromium, go with Brave.
My mobile pick: Safari with Firefox Focus enabled as a content blocker, or Firefox depending on your preference.

Intro

If you read my previous post, you know that I’m on a journey to achieve better online privacy. Much like with search engines, web browsers are something that I’ve been considering for years. I tend to be drawn towards Chrome for its features and the fact that most sites are built to work with it. Then I become more privacy conscious and move to Firefox, with several addons enabled. Some point either after or before that I use Safari because of its integration with my devices (we’re basically an all-Apple house).

I wanted to make a concrete decision this time, though (or at least as concrete of one as can be made when technology changes so drastically from year to year). For that reason, I’m putting my thoughts down in writing and sharing them with you. It’s an accountability mechanism of sorts. Also, I sincerely hope that it benefits you as well.

*One small note before we get started. There are a LOT of browsers out there. I’m only going to cover the top few that tend to circulate through my life and that I think the mass majority would consider.

Chrome

Almost without doubt, if you’re asking which browser is going to be fastest and work the best it’s Chrome. Depending on which stats you look at, it has up to 75% of the market share, and for good reason.

By StatCounter – http://gs.statcounter.com/browser-market-share#monthly-200901-201905, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=80089473

But, how is it in regards to privacy? After all, its maker Google has come under a lot of scrutiny in that area over the last several years. Even The Washington Post basically called it spyware. They’re an ad business, using their “free” services to collect mountains of data to fuel that business, and Chrome is just a tool to help direct people towards contributing to that. It’s also becoming a bit of a monopoly as well, to the point where developers only code for it to the exclusion of other browsers. For these and other reasons, many (including myself) are highly suspicious of letting it pilot our journey through the web.

However, they haven’t left users completely without options. If you’re willing to look for the options in settings then you can turn off a lot of the snooping. Also, Chrome has one of the richest extension libraries, so you can add a number of those that will greatly enhance its privacy capabilities.

I for one remain too skeptical to embrace it as my daily driver. I truly wish that weren’t so, because it’s probably my favorite overall. But it just doesn’t sit easy with me.

Firefox

I’m going to be a lot more verbose concerning Firefox, because it is basically the measure by which I will judge all the others. It has a long history of fighting web browser monopolies and is basically a household name at this point. Below are some of the reasons it stands out to me.

Open Source: It is not the only option I’ll discuss that is open source, but it’s probably the most respected in the open source community. I’m not someone who will say non-open-source is evil (I’m writing this from a Mac), but I do think it’s something we should promote as often as possible. This is especially true in regards to the web. At this point in our culture the internet is almost like a utility. It houses essential resources for communication, productivity, education, and so on. It’s my belief that an open source browser from a non-profit company is better positioned to safeguard that than an offering from a large corporation which has special interests.

Defenders of the open web: Continuing off the point above, Mozilla (the maker of Firefox) has a long history and deep commitment to keeping the web open. Because they aren’t selling ad services, they can freely support ad blockers unlike Google is doing. They also sponsor lots of events to educate people on how to interact with, and contribute to, the web community.

Cross-platform: Firefox will run on Windows, Mac, or Linux. You can also have it on Android or iOS devices. If your life doesn’t reside all on one platform (as most people’s doesn’t) you can still use Firefox and sync your data across all devices.

Not Chromium based: Chromium is the open source browser that Chrome is built on. It’s basically Chrome before some Google-specific components are added in. As already mentioned above, Chrome is becoming a bit of a monopoly. There is NOTHING wrong with building a browser on Chromium. Several fantastic browsers do that. However, it further contributes to this monopoly. The more Chromium-based browsers there are, the more developers code to only that platform. This leads to the exclusion of other browsers. When users hit issues they think “Why is this browser terrible?”, not “Why isn’t this site built better?”. This continually funnels more people towards Chromium based browsers, where the sites “just work”. And in the end Google has gained more control over how the web behaves than any one company should have. Firefox, however, uses its own engine and it’s fantastic. For a deeper look at the pros and cons of using Chromium-based browsers, this article is a great read.

Extensions: Honestly extensions are almost what make a browser in regards to privacy. And Firefox has a WEALTH of them, in addition to the privacy features already built in. Don’t get me wrong, Chromium-based browsers do as well via the Google Chrome Web Store. But, that continues the Google snowball that I’ve already discussed. Firefox is known for being extremely customizable, much of which comes from its extensions. You can go full-on tin foil hat with them or use none at all. Below is the list that I have found to be a good balance between completely open and so secure that the internet is unusable:

  • LastPass (Password management)
  • HTTPS Everywhere (Resends your requests using the encrypted URL instead of the standard one)
  • uBlock Origin (Blocks ads and tracking from Google, Facebook, and others)
  • Firefox Multi-Account Containers (Keeps cookies in silos so that sites can’t use info from other ones to track you)
  • Cookie AutoDelete (Every time you close a tab it deletes the cookies associated with it, so that they don’t linger and become used in malicious ways)

Containers: Continuing off of the extensions discussion, I’d like to expound a bit more on the Multi-Account Containers made by Firefox. This is one of the key features specific to Firefox that no other browser has. I can have my work, social, banking, search, and other sites open in their own little silos. That way none of them mixes together and uses each other’s cookies to spy on me. It really is a fantastic way of walling off information from those with ill intentions. There is a bit of work up front to tell it which containers you want sites to open in, but thereafter it will use them automatically.

Conscience: Last but not least, it just sits well with my conscience. Maybe it’s just me, and others might not put a lot of stock in it, but there’s something to be said for having peace of mind.

So what are the downsides? Let’s not pretend there aren’t any. As mentioned before, you will likely run into more issues with sites not working than with a Chromium-based browser. Who’s fault this is doesn’t really matter, in the end the result is encountering more problems. Ones that likely won’t go away. Secondly, it’s just not as polished in general. The Quantum rewrite took it forward leaps in both speed and performance, but it still seems to lag more and be less smooth overall.

How much any of these cons matter to you will largely depend on how hard-core you want to go with the privacy push. Without a doubt, you can’t go wrong with Firefox when looking for better privacy and security.

Safari

Safari is actually quite a good browser these days, and also very privacy focused. Apple has realized that privacy is a niche where they stand out in a good way. Whether they intended to do that for the sake of the users or just ended up there by happenstance, nobody knows. But they’re milking it.

There are a bunch of small features that make Safari appealing in my Apple-integrated world. Chief among these are:

  • Reader mode (Other browsers have one, but this one is the best)
  • Text shortcuts (Every time I want to input my email I simply type “eml” and hit space. The same is true for address, phone, etc. This saves a surprising amount of typing and syncs across my devices.)
  • Seamless syncing with my other devices
  • Built-in reading list
  • Beautiful design and performance on both desktop and mobile

Add to the items above that you can add extensions, plus other capabilities through App Store apps, and Safari is a solid option. You’re probably wondering at this point why I don’t use it given all the bragging.

As with all things, it has its downsides as well. One of the major ones is a less robust extension library. Some of the major players like uBlock Origin is there, but things like HTTPS Everywhere are not. And some that are present don’t work quite as well within Safari for whatever reason. Also missing is a way to manage cookies by tab. I have purchased a separate program named Cookie 5 that will delete them on close of the browser. But I use my browser all day long, and that is a lot of time in between for sites to use my cookies in ways I don’t desire.

So, though Safari provides the best experience overall, I’m sad to say it doesn’t fit well enough into my privacy-focused world.

Mobile is a different story. Apple locks developers into using their web engine on iOS, so no matter what browser you’re using it’s basically just Safari reskinned. Adding in a content blocker like Firefox Focus gives you the ad blocking and increased privacy you want. Also, nothing else matches the smoothness and integration of Safari on iOS.

Brave

One of the standout Chromium-based browsers is Brave. I’ve been testing it it out and REALLY like it. This browser’s company was started by the co-founder of Mozilla, Brendan Eich. Its focus is on providing out-of-the-box much of the security/privacy that others offer via extensions, and also on solving the issue of website ads. It has a novel approach where publishers and users opt into a network where users are rewarded for surfing and can give some of that back to their favorite content creators. In this way you eliminate targeted ads and much of the privacy issues that accompany them.

Honestly, it seems like a great browser. It’s definitely a great solution for the not-so-techy folks who just want better privacy. Many of the functionalities I described in my favorite extensions above are built right into the browser, among others. If a site isn’t working well, just click the “shields down” button to allow it to work as normal. Also, it can install any plugins from the Google Chrome Web Store.

The only hangup for me is that it’s Chromium based (which was discussed at length above). Also, the mobile app isn’t awesome. It’s getting better, but still not quite to the level as that of Firefox. If those things don’t bother you, get it. I think you’ll enjoy it.

Conclusion

All of that to say, in my opinion Firefox best fits the bill for a privacy-focused world view. It’s the only browser that allows me to silo websites, manage cookies per-tab as I close them, isn’t built on Google software and therefore isn’t controlled by them, and comes from a company that is well positioned to put the needs of the users first.

I won’t be offended if you don’t agree. There are as many opinions as there are browsers. But I hope that sharing this is thought provoking and will assist in your own journey to better privacy!

In the end it’s not which browser you use that protects your privacy so much as 1) where you browse to and 2) being mindful of how the web works. To that end, pick one with a track record for being secure, pick reputable addons to enhance its capabilities, and browse smartly.

My Journey to Better Privacy (Part 1: Search)

Introduction

The subject of privacy, for me, is one I’ve been more or less dodging for a long time. It’s something I feel strongly about. I make half-hearted attempts at improving it now and then. But overall I’ve mostly let it go by the wayside. It’s really easy to retweet statements by privacy-focused groups or to make recommendations for what others should do. But when it comes to true and meaningful lifestyle change, it’s tough. There is always a rationalization for why it just isn’t worth it.

And so here we are, time to stop making excuses. I’ve decided to set out on a journey to better privacy. In all of life I’ve discovered that taking things in small steps is always more successful for me than changing all the things at once. So I’m going to take one area at a time and tweak it to be more privacy-focused. As I do so I’ll also be discussing with you the pro’s, cons, and flat out pain of each step. But, at the same time there is always the question of how thick you make the tin foil hat. I’m a tech-oriented person that works in a tech-oriented field. Because of my level of exposure to electronics and the internet I will never fully have privacy. I will, however, be trying to strike a balance between obtaining optimal levels of privacy and being able to live a somewhat normal life.

Step 1: Search

The first step on this journey is swapping my search engine. I chose this to be the first one as an easy entry point, because I’ve done it off and on in the past. Over the years it’s become very apparent that Google is not our friend. They are not a tech business that are our buddies. They are an advertising business that’s using our love of free, high-quality software to soak up unthinkable amounts of data. DuckDuckGo, however, is the closest thing in modern day to what a search engine should be. I should have swapped to it permanently a long time ago. Because I’ve struggled with this already I can go ahead and tell you the up and down side.

The Pros

DuckDuckGo provides what you actually want from a search engine, search results without having your essence sucked away as you use it. They don’t track you, ever. Your searches are yours alone. Secondly, they don’t contextualize your search results based off data collected about you (further locking you into your own echo chamber). Most of us probably don’t even realize how tailored our results are to the information Google has on us. Does this provide extremely relevant results? Yes, but at what cost?

TLDR: It’s not watching you like a creep.

The Cons

What? You’re recommending something to me and it isn’t perfect??? How dare you Landon!

No, DDG isn’t perfect. Neither is Google, we’ve just gotten so used to it that we don’t even notice. I mentioned above that I’ve made multiple attempts at swapping. Each time I would be led by my convictions and eventually bow to convenience. Google searches are just GOOD. I mean, flat out really good. If I search for something in DDG and don’t almost immediately find it in the first 1-3 results then I get frustrated and run it in Google. It’s just the way we’ve been conditioned to operate. But, when I run it in Google I almost always find it right away. During most of my IT career I’ve been in a support role, and finding the correct answer right away outweighed my privacy concerns. Then, if I was going to do it with work I justified doing it with my personal devices too.

So what’s different this time? I’m currently in a role where I’m not under pressure to find results instantly. I can take the necessary time to adjust to how DDG operates and give it a chance to give me what I need on result 4 or beyond. And as I’ve done that, I’ve honestly found that what I need is there if I will take the .05 seconds of patience required to look for it. I’ve heard from others that, over time, as Google is given less info on them then the two providers have much more similar results.

One last area of challenge is that this will apply only to me. My wife has been extremely resistant to swapping to DDG in the past and I don’t expect that to change now. This is actually something you’ll face at every turn when trying to live a more privacy-focused life, those you interact with the most will be reluctant. The truth is that the average user just doesn’t care, and ones that consider it find the transition pain enough of a barrier to stop.

TLDR: There will be a period of adjustment because Google is so freaking good, but keep in mind what you’re giving Google in return (do you even know?).

TLDR

I’m swapping search on all my devices from Google to DuckDuckGo, and you should too. Drop the creepy guy looking over your shoulder (probably with a weird mustache) and keep your searches to yourself. Learn more about DDG here.

Life in the Key of E

Many years ago, sometime during high school, I set out to learn guitar. This was in the days before YouTube, so all I had to work with was an antique book of my dad’s. Utilizing that, and eventually the internet, I picked up four or five chords and was feeling pretty good about myself. E (or perhaps E minor, I forget which I learned first) was instantly my favorite. When I played it the sound just resonated with me. As time went on I would learn a couple of basic songs, but mostly I would just wing it, combining different cords to make up a tune. Often this revolved around E.

After a couple of decades I’m still at basically the same skill level that I attained in college. Sure my strumming has improved and I picked up a couple of tricks, but I’ve learned no more chords and still for the life of me cannot remember any actual songs. This has been a source of great frustration for me. I don’t like to fail, and it has bothered me to no end that my mastery never reached the level of others I know. Most guitar players can pick one up and play a favorite song or two, even those that know fewer cords than I do. The majority of my time with the guitar is spent simply playing the E chord, with variations thrown in by lifting one finger to make it E minor. I think it sounds pretty good, and I thoroughly enjoy jamming out in this way, but I definitely feel like a loser in regards to the guitar.

In recent years God has allowed me to see how this parallels my life. I’m a very thought-oriented person. Because of this, I tend to decide who\how I should be and then set out to make that happen. I will work tirelessly in pursuit of the course of action I believe to be best, and throw myself headlong against any obstacle that threatens it. To the great surprise of my adult self, that doesn’t always mean success. There are areas that I was certain were to be my primary focus but I’ve seen very little growth or success in them over the years. This is especially sad because I was doing them in service to God, for His Kingdom. However, there are areas I’ve completely ignored that have flourished without me even paying them direct attention. Those taken-for-granted skills and interests developed naturally despite being secondary in focus. It’s almost like I couldn’t help but be good in them. You might say they just resonated. And, funny enough, they also opened more opportunities to speak with people about Jesus than any of the areas I had tried to force open.

So, what am I trying to say? Follow your heart and be the truest version of yourself? No, that crap comes from Disney movies. Your heart is wickedly deceptive and can’t be trusted to steer itself (Jeremiah 17:9). What I am saying is that you were fearfully and wonderfully made by an infinitely wise God. Seek Him, be yourself, and let Him use it in mighty ways. Don’t feel like you have to pattern yourself after this pastor, or that leader, or some successful person. “God is most glorified in us when we are most satisfied in Him.” (Piper) Be satisfied in Him, content with the strengths and weaknesses He’s given you, and play your song. Even if you don’t know a “real” song like the cool kids.

Kindle Fire HD8 Review

Background: I recently found myself wanting to replace my iPad Mini 2. It’s around four years old and starting to become sluggish enough to be frustrating. Given the incredibly low price of Amazon tablets on Prime Day, I decided to take a risk and try out the Kindle Fire HD 8. Below are my impressions after using it for a couple of weeks.

The Good

The Price. Being prime day, I was able to get the tablet for $50. Throw in a 64gb SD card plus a cover and altogether the total was around $80, which is the normal selling price of the tablet. Even if it weren’t on sale, you have to consider that to replace my old iPad with the current equivalent it was going to cost me $300, and that is without expanded storage or any accessories. Right away I’m feeling good about this purchase because of the low initial investment.

The Support. Amazon has now retired the “Mayday” feature, but they still have excellent support built right in. I was having a minor issue where custom playlists were not showing up in Amazon Music. You simply go to the Help app and from there you’re able to request assistance by either email or phone under the “Contact Us” section. The representative contacts you, so you don’t have to wait on hold, and helps you with whatever issue you may have. I’ll admit that at first it sounded like a very low-level call center tech, but nonetheless he was able to resolve my issue quickly. This seems like a great feature for the not-so-tech-savvy folks you may want to gift this to.

The integration. One of the reasons I was willing to take a risk on a Kindle tablet is that we’ve become pretty big users of the Amazon ecosystem. I listen to Amazon music frequently. My family watches Amazon Video. And of course we do a ton of shopping on Amazon (who needs Walmart parking lots, am I right?). Being an Amazon product, all of these are first class citizens on the Kindle Fire. Not to mention Alexa, who is quickly becoming like a family friend around our house.

The Hardware/Performance. For $50, there is respectable hardware in this device. The screen is crisp and clear, the apps run well (mostly), and moving around the tablet is smooth (mostly). More on the mostlies in a moment. Also, coming from a completely closed-off iPad, having the option to expand storage with an SD card was a very welcome feature.

The Bad

The Apps (or lack thereof). Number one, chief issue with Amazon tablets is the lack of apps. There’s just no way to spin it. You won’t find any of the Google products you likely rely on, like Youtube. Microsoft ones are hit and miss (Outlook but no OneNote). There are many popular ones that are present, like Facebook, but easily twice as many that aren’t. You can mitigate this by installing the Google Play Store, or using sites like APKMirror. But, (a) this requires a higher technical skillset than many users are comfortable with and (b) it potentially opens you up to vulnerabilities by bypassing the Amazon app store (you have to enable the installation of apps from unknown sources). Where you fall on the techy spectrum and your views on convenience vs customization will affect how much of an issue this is for you. I found it workable but annoying.

The Operating System. Amazon’s Fire OS is really just a modified version of Android, and it’s a complete mess. Forgive me if I sound biased coming from a mostly iOS background, but stepping into Android feels convoluted and disjointed. Don’t get me wrong, there are things about it that I grew to like. But overall I still prefer iOS by far. This is not only because of the greater consistency and aesthetic appeal, but also for security and privacy reasons. Being Android at its heart, Fire OS is victim to all the same issues Android has (ie I’ve never had to install antivirus on a tablet before). I do, however, feel that privacy is more in the users’ hands with the Fire tablets than those completely pre-stocked with Google’s apps and framework.

The Interface. Jumping off of the OS point, the custom interface of Fire OS leaves a lot to be desired. In fact, it would actually be much better if they just left it at stock Android instead of adding their own customization. I realize that much of the intent is to focus you in on Amazon content. (That is, after all, why these are so cheap. They want it to be a gateway to Amazon services.) I would argue, however, that their confusing interface actually makes this more difficult. Want to watch something on Prime Video? You go to the Video tab, right? Wrong. That tab will advertise videos to you, but it doesn’t list your watchlist, etc. I found it much easier to simply go to the actual Prime Video app, which felt more full-featured and more readily presented what I was looking for. In fact, I moved it and everything possible to the Home page so that I could avoid flipping through the various tabs. They aren’t at all customizable, and after a short time became something I avoided completely. Part Android/part Fire OS issue, I always felt like there were multiple ways of accessing similar things and rarely clear rules as to which should be used. On a less important note, there are a litany of small UI issues that are more preference than anything else (ie I still don’t know how to copy/paste correctly).

The Performance. Before I comment on this, let me remind you that this is a $50 tablet. That being said, if you’ve used tablets of a higher caliber then there is a certain level of responsiveness you’ve become accustomed to, even without realizing it. I had rosy eyes going into this experience due to price, Amazon integration, and some of the other points mentioned above. This area was the smelling salts, as it were, that awoke me to reality. Remember how I said “mostly” in the good performance section? When you first turn on the device things are very smooth, surprisingly so in fact. However, as you begin to install apps and put it through its paces that experience quickly withers. It doesn’t become unusable, but noticeably less smooth. My biggest irritation was when exiting apps back to the Home screen. There would be a delay in the icons appearing on the screen. This may sound like a small deal when you read through this, but think about how many times you perform that action throughout the course of using a tablet. Overall this leads to a noticeable amount of lag that is consistently presented to you. Also, in many apps there was a surprising amount of choppiness. One of the reasons I wanted something newer was so that games and such would perform better. However, when I went back and compared the Fire HD 8 to my 4-year-old iPad mini, it was actually performing worse. Hearthstone had run, albeit not perfectly, on my iPad but was almost unusable on the Kindle. Even simpler games like Candy Crush were annoyingly laggy on the Kindle but ran smoothly on the older iPad. Not what you’re looking for in a new device experience.

Conclusions

So, what does all of this mean? Do I think the Kindle Fire HD 8 is a good tablet? Yes. Do I think it’s one for me? No. In fact, I’ve gone back to using my iPad Mini. I’ll likely save up and buy a newer Mini to replace it. Why? Mostly ecosystem, experience, and apps. If you’ve used a tablet that performs well then using a laggy one feels like going backwards. Also, on iOS I have access to the ecosystem that all my other devices use as well as a rich app store. Whether you’re invested in either the Apple or Google ecosystems, you’re going to struggle adjusting to Amazon’s app selection.

That being sad, this doesn’t mean the Kindle isn’t a great device for others. I think it would be a fantastic device for someone who (a) is buying a tablet for the first time and doesn’t have any previous expectations and investments into other ecosystems or (b) simply wants to consume Amazon services. It’s also great if you want something cheap to get beat up. Full disclosure, we have two of the cheaper Kindle Fire 7 tablets that my kids use. For simple children’s games, etc, they’re just right. I’ll likely save this one for when one of theirs dies and let it be a nice upgrade for them.

Could I make the Kindle Fire work? Yes, but I prefer the iPad. And sometimes preference is all it comes down to.

Windows Server Core Jumpstart

Recently I’ve been looking into the potential that Windows Server Core holds for our environment. Like most eager new Core users, I imagine, I jumped in with grand visions of spinning up a VM quickly and being off to the races administering it from my desktop. The reality wasn’t quite the same, as I ran into a chicken and egg situation wondering how I could set up the machine when I could not yet connect to it. To complicate the issue, I couldn’t find a concise list of information on exactly what is needed to simply make the machine available so that I could begin to work with it.

With that in mind, I’ve compiled the following information in hopes of saving others the same headache. There’s nothing earth shattering here, but hopefully it will allow people to get started with Server Core quickly so that they can move on to more important things, like how the server will actually be used.

Let me know if you have any questions or suggestions. Hope it’s a help to you.

  • Ports to request from your firewall team.
    •  TCP
      • 5985, 5986 (WinRM)
      • 445 (SMB) –This is up to you. I wanted to be able to move files to/from the server.
      • 135
  • Local firewall rules to allow remote administration.
    • Enable Remote Management groups
      (Note: If you enable “Remote Service Management” on the host first, then you can do the others via PowerShell remoting. This can be helpful since copy/paste in things like VMWare console doesn’t always work.)
Enable-NetFirewallRule -DisplayGroup "Remote Service Management","Remote Event Log Management","File and Printer Sharing","Performance Logs and Alerts","Remote Volume Management","Windows Firewall Remote Management","Remote Desktop"

Default outbound traffic to allow

Set-NetFirewallProfile -Name Domain,Public,Private  –DefaultOutboundAction Allow

Enable Ping (optional)

Enable-NetFirewallRule -Name FPS-ICMP4-ERQ-IN
  • Remote management tools
    • Add the remote computer to Server Manager (available on Windows desktop and server versions).
      • Once added, you can easily launch Computer Management and PowerShell for that specific machine by right-clicking it.
    • Connect via PowerShell remoting.
      New-PSSession -ComputerName YourRemoteComputer | Enter-PSSession
      • Cross-domain PowerShell Remoting (ie Dev or Test domains)
        • If remoting isn’t enabled on your local machine, enable it.
          Enable-PSRemoting -Force
        • Add machines to the TrustedHosts list. (Depending on your setup, you might have to substitute IP addresses for the machine names in -Value.)
          Set-Item WSMan:\localhost\Client\TrustedHosts -Value 'machineA,machineB'

          Verify with:

          Get-Item WSMan:\localhost\Client\TrustedHosts
        • Use PSSession to connect
          New-PSSession -ComputerName machineA -Credential (Get-Credential) | Enter-PSSession
      • IIS management (run on remote machine)
        Install-WindowsFeature Web-Mgmt-Service
        
        Set-Service wmsvc -startuptype "automatic"
        
        Start-Service wmsvc
        • Set HKLM\SOFTWARE\Microsoft\WebManagement\Server\EnableRemoteManagement to 1.
          (This can be achieved using the local regedit tool and connecting it to the remote machine.)
        • Restart the WMSVC service.
          Restart-Service wmsvc
        • Connect from local IIS Manager for Remote Administration with the local administrator credentials of the remote machine.
      • You can either use sconfig or the following remote PowerShell commands to allow Remote Desktop. (This is especially helpful for quickly getting to sconfig and other commands that do not operate properly with remote PowerShell.)
        set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
        set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 1
  • Common configuration tasks
    • The utility “sconfig” can be used for most setup items.
    • For a more speedy and scriptable setup, below are some common configurations via PowerShell.
      • Change date\time
        Set-TimeZone -Name "Eastern Standard Time"
      • Change computer name
        Rename-Computer -NewName "machineA" -Restart
      • Add to the domain
        Add-Computer -DomainName "Contoso.com" -Restart

         

 

Giving Yourself Permission To Lose

One of the most profound turning points in my life was the moment that I gave myself the permission to lose. Please do not confuse this with apathy or a lack of ambition. It’s more of an upfront decision to roll with the punches, coupled with a focused vision on what is worth pursuing. Let me explain.

By nature (or maybe nurture) I am a very task-oriented person. I’m also a bit of a perfectionist. I want to be the best in every area of my life be it work, ministry, family, or simply recreation. I can’t simply play a video game, I have to be able to play it on a competitive level. I can’t just work in my area of expertise, I feel the need to develop a comprehensive understanding of all technology. I also want to be able to play instruments, fluently speak other languages, read a long list of books, etc, etc, etc. Being task-oriented, I cannot start one of these and just let it go. I have to finish it or it weighs on my mind. I also cannot stop everything else in life for that one task, so I spin up tasks in multiple areas. All of this combined, over time, becomes a huge drain on my mental and physical energy. Not only that, I begin to feel like a failure in each of these areas when I fall short of expertise in all of them. At this point you’re probably feeling stressed just from reading this. Imagine waking up and feeling the burden to accomplish all these tasks while still feeling the sting of not accomplishing them the day before. Living that way just isn’t sustainable.

Then one day I was praying during my devotional time and the thought occurred to me, what if I choose to lose? I’m not a quitter, so the idea of giving up on anything was repulsive. However, as I thought about it I began to realize that by pursuing this laundry list of interests I was already leading myself to failure in those things that matter most to me. Just as our parents always told us, “you can’t have your cake and eat it too”. We are all dealt a finite amount of time and energy. By choosing to involve myself in everything I’d taken away the option to truly invest myself in anything. It occurred to me that in order to win the right battles, sometimes you have to lose the wrong ones.

From that point I began to ask myself what I was really after in life, and I started to set aside those things that didn’t contribute toward those goals. This has lead to a laser focus in my life that I did not have before. At work I focused on strengthening my skill in database technology. To do that I had to let myself lose in the areas of Linux, programming, web development, and others. I don’t need to be a leading expert in every technical field to do my job well and have a fulfilling career. I also decided to lay off on video games and learning the guitar so that I could focus on learning Spanish. Ministry to the Hispanic community is a driving passion in my life and it became clear to me that these other hobbies were eating up the time and mental energy that I needed to devote to Spanish and Bible study.

I want to be careful not to portray the wrong idea. I’m all for challenging yourself in new areas and having diverse interests. It’s all too easy to get into a rut, which leads to other issues. There will be a day when I pick up the guitar again or study programming in C#, but today is not that day. If I master Spanish and therefore complete a critical piece of a primary goal, then I’ll move on to music. The point is to be aware of what you’re going after in life and to make sure you’re not sabotaging those goals by splitting yourself in too many directions at once.

There is another facet of giving yourself permission to lose that has more to do with humility. Sometimes we become overly aggressive/competitive in our desire to be the best. Or, even worse, we don’t even jump in because we’re too afraid that we’ll do badly. Giving yourself permission to lose up front frees you to both enter the activity and enjoy honing your skill in it, regardless of what the people around you do. Decide up front that even if you look like an idiot you’re going to do it anyway. And once you move past there and begin to develop some skill (and you will), do it in humility. Make your goal to be the best you can, not better than others. And help develop others along the way, even if that means they become better than you.

Get out there in life, stay focused on what is important, and enjoy giving it 100%. Set yourself up to win in what’s important by giving yourself permission to lose.

Unlocking Liberty

This week a US judge asked Apple Inc. to help them unlock the iPhone that belonged to one of the San Bernardino shooters. The CEO of Apple, Tim Cook, has resisted this order citing risk to his customers and implications that extend past the case itself. Since then, notable people have stood up in defense of each side. On the one hand some say that not unlocking the phone is helping terrorists. The other side says that this sets a dangerous precedent, and that the FBI is just using one case to open the door for unlocking any device they want in the future. I don’t claim to be an expert on security, government, or terrorism. However, there are a few things I’d like ‘we the people’ to keep in mind as this discussion unfolds.

  1. The government does not have a good track record of using their abilities in a limited scope. Recall if you will the Patriot Act. Many people were okay with it initially because of its promise to aide in stopping the terrorist threat. However, years later we know that it’s been used to access innocent citizens’ information on disturbing levels and has been active past the time it was intended for. I want to hope that our government would not use device access methods maliciously, but I don’t think any of us are naïve enough to rule out the possibility.
  2. It’s unnecessary to force Apple’s hand. If any organization in the world should be able to crack an iPhone it’s the FBI. They have some of the best tech minds in the country, one of the most technically developed countries in the world, at their disposal. Aside from that, there are independent hackers available for hire. John McAfee , creator of McAfee antivirus, recently volunteered to do this for free. That would allow us to access the data without setting a legal precedent that allows the government to force companies into unlocking customers’ devices.
  3. We’re slipping into a dangerous mindset where anything is acceptable if there is a remote possibility of catching terrorists. Not that we shouldn’t be vigilant about tracking terrorists and securing the country, but at what point are we doing ourselves more harm than good? If we continue down the trail of sacrificing liberty for security then we’ve already accomplished the terrorists’ goals for them. They will have defeated the American spirit and caused us to relinquish ourselves to servitude. Not servitude to an oppressive regime they placed on us, but one we created ourselves, driven by our fear of them. Also, on a more conspiratorial note, we can’t assume that ill-intentioned individuals or organizations wouldn’t use that fear as a carrot to drive us farther and farther down a path that releases liberty and gives them power. The use of terrorism seems increasingly like the wars of George Orwell’s ‘1984’. Is it Eurasia or Eastasia that we’re fighting now? I can never keep track.

In summary, there will be innumerable situations through the years where the question of security vs liberty will be raised. Don’t be quick to assume that everything marketed as anti-terrorism is pro-American, and when in doubt err on the side of liberty.

The Price of Free

When looking at which tech toys to use it’s easy to differentiate by the upfront cost. An iPad, for example, can be twice the price of some of its competitors. This can certainly be prohibitive, no matter the quality of the device. I very much enjoy my Macbook Pro, but I would not be using one if work had not provided it for me. For many people it’s just not feasible to pay such a large cash amount upfront, and understandably so.

But is the monetary cost of the device itself the only consideration? Maybe we should be asking how or why other companies offer theirs for less. For the purpose of this article I’m going to pick on Google simply because they are the largest company utilizing a competing model. They are certainly not the only ones but have arguably been the most successful at it. The model I’m speaking of is that of advertising. Every time you go to their website Google displays tiny advertisements that other companies have paid large amounts of money to have placed there. But we all know that the most effective advertising is targeted advertising, getting exactly the right ad to exactly the right person. This is where the rest of Google’s services come in. By providing a litany of well-built, completely free services Google invites thousands of users to connect to their systems. While doing this, they gain mountains of data about you, your interests, your social circle, and their interests. This allows them to create increasingly personalized advertisements for you and cash in with companies who want you to see those advertisements.

Bringing it back to the devices, when you purchase an Android tablet or phone the cash price is usually going to be lower up front. However, it is geared toward Google services (rightly so). Most people will use the built-in apps provided by Google and, in doing so, send large amounts of data about themselves to Google over time. This can be in the form of email (Gmail), IM’s (Hangouts), Movies/Music/TV (Play Store), location data (Google Maps), etc. It’s likely few if any of us realize the extent of the data that we send them. It’s all built on the foundation of advertising so it all works toward fueling that end. On the flip side, companies like Apple have a more traditional business model. You pay a price for a product. Yes the monetary cost is higher, but it’s the entire cost up front. They do utilize cloud services and have you input your data to use various features. But the data is collected in order to allow you to use those services, not to assist advertisers.

Don’t get me wrong, it isn’t like Google is hiding anything. They offer a free service or low-cost device and in return they get to use your data to target ads towards you. It’s all laid out from the start in their user agreements. The problem is that none of us really read those things. We just click through the agreement in a rush to see what cool features are in store for us. So, the takeaway here is just to be mindful. Nothing in this world is free, especially when it is made by a for-profit company. If you have privacy concerns then take a step back and evaluate what information you’re giving over for the services you use. If you’re happy with the return you get from those services and the more relevant advertisements that result from your data being used, then please continue to happily use their services and products. Just never assume that the only cost of your device was the cash value.

Disclaimer: This post was written using Google Chrome on an Apple Macbook Pro.