Trading Privacy for a Little Convenience

Benjamin Franklin once wrote, “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.” The quote (and its source) is often disputed (see https://www.npr.org/2015/03/02/390245038/ben-franklins-famous-liberty-safety-quote-lost-its-context-in-21st-century). But it is clear that modern privacy advocates see this quote as a proof text for the shortsightedness of exchanging your privacy for your security. Indeed, I too have used this quote as a rallying cry. But in candor, my use of this quote is more of an “appeal to authority” rhetorical argument rather than a reasoned defense of unfettered freedom.
 
But how should we respond to HART (the Homeland Advanced Recognition Technology project)? DHS is building a massive repository of identity information. This is, ostensibly, for ensuring our security. From the Electronic Freedom Foundation (at https://www.eff.org/deeplinks/2018/06/hart-homeland-securitys-massive-new-database-will-include-face-recognition-dna-and),
 

DHS’s plans for future data collection and use should make us all very worried. For example, despite pushback from EFF, Georgetown, ACLU, and others, DHS believes it’s legally authorized to collect and retain face data from millions of U.S. citizens traveling internationally. However, as Georgetown’s Center on Privacy and Technology notes, Congress has never authorized face scans of American citizens.
 
Despite this, DHS plans to roll out its face recognition program to every international flight in the country within the next four years. DHS has stated “the only way for an individual to ensure he or she is not subject to collection of biometric information when traveling internationally is to refrain from traveling.”

On its face, this is repulsive. And for most Americans, this kind of assault on our freedom and our right to privacy is unthinkable. But the federal government apparently hoped that this effort would gain little public attention.

But while we chafe over such obvious governmental incursions, why do we embrace the same incursions when they come from a private company? Most Apple users applauded the availability of facial recognition as part of the new Face ID feature. And I daresay that Android users would welcome the very same technology, if they knew that it already existed on their phones.

So what’s the problem with a company doing this?

There is little problem if you trust the company and if you read your grant of license. I daresay that we do trust companies and we don’t read license agreements. Of course, it should be the other way around. If we read the grant of license, then we would realize that most companies will use whatever they can leverage to increase profits for their owners/shareholders. And if we give away our rights (as well as personally identifiable information), then we are worse than those who gave away freedom for security. We’re doing it to save a few seconds of login time.

Which One Will I Choose?


Over the past several weeks, I’ve spent time and money on assessing a variety of streaming audio solutions. My assessment has considered many factors. But chief among those factors was the mobile experience. When I was at home, I used iTunes. It’s not that iTunes is necessarily the best. Indeed, I’ve used dozens of tools at home.  As a general rule, I have always favored things that also provide for metadata management (e.g., MediaMonkey). But iTunes has always been the “gold standard” for both “look and feel” as well as for application compatibility. Everyone is “compatible” with iTunes because it IS the de facto market leader.
But that market may be shifting – at least for me.  Over the past few weeks, I’ve assessed two different audio streaming tools: Amazon Cloud Player and Google Music.  Both have their pros and cons.  Google has much more storage available that is (currently) free of charge.  Amazon has a pre-existing (and built-in) retail channel that allows for easy (and impulsive) music purchasing.  Both have good web clients.  And both have good Android clients.
But both suffer from one key problem: I can’t capture and record my listening data on Last.fm.  Yes, I can scrobble data from the web client (if I use third-party scripts to do the job).  But neither product has any native capability to scrobble from an Android device.  There are music players that do scrobble from Android.  If you use the Android Music player, you can use tools like ScrobbleDroid.  And if you are a fan of Winamp, you can scrobble through the Last.fm Android app.  But neither of these players can stream audio from my library.  So I was stuck in a quandary.  Should I store music on my phone and utilize a player that scrobbles?  Or should I use a cloud-based music player and forego the ability to scrobble my music?
The only solution was to either code up my own solution – or use something that already does both.  Since I still have another wedding in five weeks, I chose the latter approach.  Based upon some searches in Google and Twitter, I decided that I would try out the Audiogalaxy product.  Based upon its marketing, the product provides streaming audio (from your home and through their servers) and the product scrobbles via the Last.fm Android app.  So I began yet another quest in search of a mythical chalice.
Audiogalaxy is relatively simple to install.  The site provides the step-by-step instructions that will get you going.  But the basic process is as follows:

  1. Create a free account on the Audiogalaxy site.
  2. Download and install the Audiogalaxy “helper” application.
  3. Point the “helper” application at your music files.
  4. Wait for the helper application to collect metadata and send it to the Audiogalaxy service.
  5. Install the Android app on your phone.
  6. Start listening to your music.

The process is relatively straightforward.  And I had no technical issues with the setup.  I can now listen to my music library from my phone.  And as I listen, my listening habits are recorded at Last.fm.

Unfortunately, Audiogalaxy has the same privacy issues that are present in Amazon’s service and also present in Google’s service: all of your music is streamed through a third-party service.  So the architecture of all of these products is an architecture of control, not anonymity.
As I’ve said before, this doesn’t pose a problem for me at this time.  After all, my music is positively pedestrian.  But what would happen if my musical tastes were more scandalous?  Or what would happen if the government decided that rock music was not to be tolerated at all? Then where would I be?  I would need to rethink my listening habits.  Of course, if something that draconian ever happened, then I would rethink my need to scrobble at all!  And for those kinds of over-the-top situations, I might need to assemble a BOB (bug out bag)! 😉
After this exercise, I now have a streaming solution that I can utilize.  And I think I know what to look for when it comes to government snooping into my private life.  And there is one more option that has to be noted: Apple has not put its offering on the table yet.  Maybe that offering will be announced this week.  If so, I suspect that my options will grow even broader.
Finally, I really ought to point you to a very fine comparison of all of these options.  David Ruddock (and the folks at AndroidPolice) put together a great comparison of music apps on the Android platform.  Check it out for a comprehensive view of all of the Android options.
-Roo


Google Music Is A Real Beta


I have spent a great deal of time this week working with the new Google Music Beta.  And I am finally at a point where I can speak with a degree of confidence.  What do I think of the new Google service?  I think it is a real beta.  It has some very rough edges.  But it is chock full of promise.  It has some unique and innovative features.  And there are some things that are simply undone or they are incomplete.
The Good
There are a lot of outstanding features in the Google offering.

  • The current Google offering provides for storage of up to 20,000 songs.  This is outstanding.  If this model is carried forward, Google Music will destroy the competition by starving the market.  My song base alone is over 12GB.  So if I stay with Amazon, I will need to pay for a 20GB allotment.  That will mean ~$20 per year.  That’s not much.  But when it’s compared to a free product, I will always take free – unless free doesn’t meet my minimum feature requirements.  [Note: Google may get themselves into some trouble with such a generous storage limit.  The government might choose to bring a case against Google for anti-competitive practices.  I don’t think that I’d agree with such a claim.  But I can see where Amazon and Apple might support someone else bringing such a claim to the federal courts.]
  • The service itself is stable and the music streams reliably.  While I have had some challenges with streaming to my phone, most of my experience has been outstanding.
  • The user interface on the phone is beautiful.  It is a joy to work with the mobile tool.  While the “look and feel” of the Amazon tool is eminently functional, it is positively clunky.  Google has obviously spent some time making the mobile experience very appealing.

The Bad
Despite all the good features, there are some serious shortcomings in the initial offering.

  • The tool that loads music onto the service is positively anemic.  As noted in my previous post, loading music is an all-or-nothing proposition.  To load individual songs (or new sub-folders in a nested hierarchy), you have to reconfigure the music loading tool to point to specific folders.  Then you have to find the option in Settings that allows you to manually load music.  Then you have to push the Start Now button.  Google really needs to spend some time working on this process.  You can “stretch” the tool to do your bidding.  But ease of use in music loading is a definite weakness.
  • The view options are really limited.  Yes, you can navigate around in the web client.  But it is not a beautiful and robust client: it is a functional client.  That said, the Android client is beautiful.  And it has some of the view options that I like.  But it would be nice to have similar options between dissimilar clients.  Whether for good or ill, the Amazon client has a common appearance across every platform – including the Apple platform.
  • There is no music store interface.  When I went through the process of loading files, I noted that some of the songs (that I had on my hard drive) came from questionable sources.  In my case, I had gotten a copy of “Riders on the Storm” (by the Doors) from the web.  I had used the song for a video that I had made for my son a few years ago.  But I had never gotten around to buying a copy of the song.  So I used Amazon’s service to buy the “Best of…” album from The Doors.  Having an integrated service (from any vendor) would be most welcome.  I have found that since using the Amazon client, I’ve probably purchased a half dozen albums that I would have otherwise not purchased.  This is especially true of impulse purchases.  Having an electronic wallet and an “always on” connection has allowed me to experience impulse buying in a whole new light.
  • There are no tag searching or tag editing options at all.  For some folks, ID3 tags are vitally important.  And there is no attention to this subject at all.
  • There is no support for scrobbling music to Last.fm.  Yes, there are ways of scrobbling when using the web client.  Dan Slaughter has put together some excellent scripts that work with both Google Music and Amazon Cloud Drive.  You can find information about these tools here.  But it must be noted that there is no support currently available for the mobile (i.e., Android) client.

The Ugly
Finally, there are some ugly issues that really need to be resolved before this product can become a traditional Google beta (i.e., a complete product).
It took me almost a week to get the product to work on my phone.  The product would install successfully. And I could see all of the local music, but I couldn’t see anything that was on my cloud drive.  At first, I thought that this was a problem with my custom ROM.  I use Liberty 2.0.  And some apps have trouble with some of the things that jrummy does with the ROM.  But that was not the case.
I was about ready to give up on it when I had an unforeseen (and problematic) product upgrade for LauncherPro.  My entire LauncherPro config was wiped out and needed to be rebuilt.  Once I solved that problem, I went back to the Google Music service.  And what to my wondering eyes did appear, but my music collection (but no tiny reindeer). I have to assume that the cleanup of LauncherPro solved my issues – though I have no way of proving it.  Either way, the Google Music product now works superbly – though I wish I really knew what caused the trouble in the first place.
But to me, the most troubling aspect of this service (as well as the Amazon service) is the issue of privacy.  It is one thing to believe in the safety and security of your own home.  But when you store your media on an external service that is not within your home, do you have any degree of privacy?  Perhaps you do.  Then again, perhaps you don’t.
Part of me is very troubled that I have my musical tastes  (and my reading tastes) exposed to any corporation.  But it would be even more troubling if that same corporation made my content tastes accessible to the government.  Do I have anything to fear currently?  No, I really don’t.  I try to ensure that all of my content is licensed.  And I am pretty darned pedestrian in my reading and musical tastes.  In fact, most people call me a prude.  But I don’t want the government to know what I think.  It’s none of their business.  Finally, I broadcast (via blog, tweet and scrobble) all of my media-related activities.  So am I concerned that anyone will use this information against me?  No, I’m not.  At least, I’m not concerned currently.
But what happens if corporations (or the government) change and become more insidious?  Or what happens when they try to use my data for their own selfish marketing needs?  For me, this possibility is real.  And it gives me reason to pause.  I don’t want to see the firemen break down my front door and seize my copy of the Bible (or the sonnets of Shakespeare, or the music of The Doors).
Bottom Line
I am impressed with the Google service.  I really like their Android client.  I hope that they will create a common client interface across all platforms (including Apple’s iOS).  And I really hope that they take time and care in developing their EULA.  There are some real challenges that must be solved.  Nevertheless, the “all you can drink” service is far more compelling than a “pay per gigabyte” service.
But for now, I’m leaning towards the Amazon platform.  It is a little more polished and a lot more ubiquitous.  Moreover, the Amazon case for privacy is a little more comforting (given Google’s historic willingness to work with the repressive Chinese government).  Finally, Amazon’s integration with a working retail channel is far more compelling.  But if Google can overcome some (or all) of these hurdles, they do have a chance to win my business.
-Roo


Why Use Tor?

So why should you use Tor?
That’s a good question.  First, you need to know what Tor does.  I find that simple descriptions are often the best.  So here is my simple version of what Tor is: Tor is a means of tunneling specific messages (i.e., traffic) through an anonymous (and reasonably secure) network.  Wikipedia describes it here.
Many people look at Tor and ask why is such a thing needed?  Their questions presuppose that they trust the networks that they communicate across.  Most folks think Tor is just for copyright violators, organized criminals or other unsavory netizens.  But that is both too simplistic and too trusting.  Tor is for anyone who needs to ensure that their communications across the network remain anonymous and/or secured.
Let’s consider a real-world example.  There are many nations that do not allow for the Bible to even be carried.  Further, many countries routinely persecute and prosecute people that publicly proclaim the gospel of Jesus Christ.  But the gospel cannot be silenced by mere mortals.  There are men and women who have always been willing to share the Word of God regardless of the cost to themselves.
And throughout the world, tyrannical governments seek to squelch opposition by monitoring the communications of their citizens.  Indeed, you could easily argue that the majority of people in the world are being “watched” by the very governments that should defend their liberties.
Like the early Christians in ancient Rome, there will always be those who stand for truth and justice rather than simply obey corrupt civil authorities.  And in these nations, tools that help maintain the anonymity of persecuted citizens are very important tools indeed.
If you don’t believe that this was true for our nation, then ask yourself why so many of our founding fathers used pseudonyms for their writings.  Indeed, even the authors of the Federalist papers used pseudonyms – although not just for the sake of anonymity.
-Roo


Summer of Insecurity

More Paranoia

First, I need to apologize to many of my faithful readers.  I think I’ve finally succumbed to the Twitter disease.  As many of you know, I’ve been using Twitter for over two years.  Indeed, I’m one of those technology saps that picked it up, set it down, and picked it up again.
And I really love Twitter.  You can connect with others at the same time that you post your thoughts on any subject.  And for me, it has the added value that you only have to edit a 140 character posting.
I state all of this for one reason: I must apologize to my readers as I have forsaken the “long form” for the micro-blog.  It has been almost a month since my last post to this blog.  And that is thoughtless of me.  If I want you to continue to read the things that I write, I must continue to write them.  In the meantime, I’m trying to work out an adequate penance.  Please leave me a comment with your ideas on how I can atone for the sin of neglecting my readers.
Now, on to the meat of today’s missive…
Last month, I started a security voyage.  Much of the reason for being so concerned about security is that Noah has challenged me.  He didn’t even realize that he had challenged me.  But those pesky Starbucks conversations have a way of provoking an immune response reflex. He would tell me about going to Defcon and how thrilled he was to meet with his friends in the hacker community.  His joy at being able to “crack” technology barriers perked my concerns.  So it was time to convert concern into action.
Last month, I knew I needed to address some chronic architectural flaws.  Think of last month as stiffening and strengthening the girders.  I put a VLAN in place to isolate the most insecure aspects of my infrastructure from the most valuable jewels in the collection.  I turned off all but the most necessary of protocols.  I began utilizing a lot of tunneling.  This allowed me to lessen the surface area of my risk. But it just put all of my “risk” into one basket.  In effect, I had one basket of very dense risk.
As I type these words, I think of the last scene in Terry Gilliam’s “Time Bandits” movie.  In the last scene, the totality of evil to be found in the movie is condensed down to a single charred briquette of absolute evil.  That’s what I unintentionally had created last month.
As of yesterday, I started to address some of that evil by working on the doors and the locks that protect my house.  I’ll start by noting that I do have a few web servers that are relatively open.  These are the webcams I referred to last month.  They are older and inherently less secure.  But they are now “isolated” and provide rather limited value to an intruder – unless you want to watch me typing on the computer or loading my new panniers.
But I’m wandering off topic…
Yesterday morning, my biggest “door” was the cable modem connection and the wireless router that I use at home.  I’ve been pretty good about securing the wireless.  And last month, I closed a whole bunch of windows on the facade (i.e., open ports for unneeded services).  But the locks on my front door weren’t very solid.  Yes, I use a custom firmware build.  And yes, I use ssh for the majority of my access needs.  But it wasn’t a strong enough lock.  So I set to work on replacing the locks on the front door.

  1. I started by using Steve Gibson’s “Shields Up” service.  I quickly noted that while port 22 was open, there was still a remnant of port 80 that was still visible.  After stumbling through some documentation, I realized that there are a couple of “options” in the DD-WRT firmware that I needed to tweak.  In order to really lock down the leakages, I had to set some nvram options as well.
  2. I then improved the locks by switching from a password-based authentication approach to a PKI approach.  Using PuTTYgen, I created a 1024-bit public/private key pair for myself.  [No, I haven’t posted my public key on a keyserver yet.]  I then generated a horribly long passphrase that I would remember.  Now I had to get the public key onto the router.  This proved to be quite a challenge.  After editing the generated keyfile, and using cut/paste operations (from Notepad into the router’s web GUI), all I had to show for it was a series of failures – on many levels.  After what seemed like hours (but was actually just a few hours), I finally noticed that PuTTYgen places the public key component it generates into a portion of its key generation window.  And the output was quite a bit different than the output PuTTYgen places into the keyfile.  Every security wonk reading this must be saying, “Gosh, you’re kinda slow, eh.”  Well, I guess I am.  I took the text (in OpenSSH key format) and pasted it into the DD-WRT ssh public key segment of the DD-WRT -> Services dialog.  And voila, things began to work.
  3. After adding the key through the GUI, I realized that I didn’t even want the management GUI (for DD-WRT) to be generally available – even from the LAN side of the router.  So I set nvram parms so that the web GUI would not start at all.  And if/when I needed it, I could start it via the command-line.  At this point, I had locked down ssh in my environment, right?  The answer wasn’t quite that simple.
  4. Since I was still routing port 22 from the WAN interface to the WinSSHd instance on my main system, I still had a problem: ssh needed to be hardened on my Windows 7 device.  I use WinSSHd.  It is free for personal use.  And since I’m a person, I felt I can take advantage of their generosity.  From a personal viewpoint, I’ve used a variety of Windows SSH tools (including the full-featured Tunnelier product).  And I think that the personal version of this tool is excellent.  I set up the server to utilize my public key.  I then went to my laptop.  After setting up some additional session profile in PuTTY, I had a serviceable session established for testing.  But for the life of me, I couldn’t get the crazy thing to work.  I started to assume that it was a public key problem as was the case with DD-WRT.  But after a few hours of fumbling and trying a number of things, I started to get frustrated.
    I finally noticed an inconspicuous link on the main WinSSHd server management page.  It pointed me to the server management log folders.  Well, I had been through the session management logs.  But I figured I’d give this a try.  In a few moments, I was treated with a rich feast of information.  And I casually noted that the key exchange was failing because the client was offering a 2048-bit key while the server was expecting a 1024-bit key.
    It dawned on me that I had trouble copying the public keys to this machine many hours earlier.  Earlier in the day, I couldn’t find my USB key.  So I had used one of the Sandisk Cruzer drives my wife had squirreled away.  And amidst all of the trouble associated with the U3 drivers for the USB device, I had probably copied the wrong version of the key that I had generated many hours earlier.
    The solution was simple: I took the right key and loaded it onto my laptop.  Once corrected, the ssh tunnel sprang into life.  Here’s a reminder.  When doing a multi-step project, write down what you do and when you do it.  It may prove helpful at a later point in time.
  5. Once I got the tunnels working, I realized that I really didn’t want a 1024-bit key.  So I regenerated new keys and deployed the public key component to both ssh servers (Dropbear in DD-WRT and WinSSHd on Windows).  It only took a few minutes – now that I had solved the earlier issues.
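Both snags in steps 2 and 4 (a public key in the wrong text format, and a key of a different size than the one intended) can be caught before anything is pasted into a server. The sketch below is an added example, not part of the original post: it assumes the saved keyfile is an RFC 4716 style "SSH2 PUBLIC KEY" file, handles RSA keys only, and uses constructed sample keys (right size, not real RSA moduli); all function names are hypothetical.

```python
import base64
import struct

BEGIN = "---- BEGIN SSH2 PUBLIC KEY ----"
END = "---- END SSH2 PUBLIC KEY ----"

def _read_string(buf, off):
    """Read one SSH wire-format field: uint32 length followed by that many bytes."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack(">I", buf[off:off + 4])
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated field")
    return buf[off:off + n], off + n

def rsa_bits(blob):
    """Return the modulus size in bits of an ssh-rsa public key blob."""
    alg, off = _read_string(blob, 0)
    if alg != b"ssh-rsa":
        raise ValueError("not an ssh-rsa key")
    _exponent, off = _read_string(blob, off)
    modulus, off = _read_string(blob, off)
    if off != len(blob):
        raise ValueError("trailing data after modulus")
    return int.from_bytes(modulus, "big").bit_length()

def parse_rfc4716(text):
    """Parse a multi-line SSH2 PUBLIC KEY file into (blob, comment)."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("missing SSH2 PUBLIC KEY markers")
    comment, b64 = "", []
    for l in lines[1:-1]:
        if l.lower().startswith("comment:"):
            comment = l.split(":", 1)[1].strip().strip('"')
        elif ":" not in l:          # base64 never contains ':'; other headers are skipped
            b64.append(l)
    return base64.b64decode("".join(b64), validate=True), comment

def parse_openssh(line):
    """Parse a one-line 'ssh-rsa <base64> [comment]' key into (blob, comment)."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2 or parts[0] != "ssh-rsa":
        raise ValueError("not a one-line ssh-rsa key")
    return base64.b64decode(parts[1], validate=True), (parts[2] if len(parts) > 2 else "")

def check_public_key(text, min_bits=2048):
    """Identify the format, measure the key, and emit the one-line OpenSSH form."""
    text = text.strip()
    if text.startswith(BEGIN):
        fmt, (blob, comment) = "rfc4716", parse_rfc4716(text)
    elif text.startswith("ssh-rsa "):
        fmt, (blob, comment) = "openssh", parse_openssh(text)
    else:
        raise ValueError("unrecognised public key format")
    bits = rsa_bits(blob)
    line = "ssh-rsa " + base64.b64encode(blob).decode()
    if comment:
        line += " " + comment
    return {"format": fmt, "bits": bits, "ok": bits >= min_bits, "openssh": line}

# --- constructed sample input (correct encoding and size, NOT usable keys) ---
def _field(raw):
    return struct.pack(">I", len(raw)) + raw

def _mpint(i):
    # One spare byte guarantees a clear sign bit, as the SSH mpint encoding requires.
    return _field(i.to_bytes(i.bit_length() // 8 + 1, "big"))

def sample_blob(bits):
    n = (1 << (bits - 1)) | 1       # placeholder number with exactly `bits` bits
    return _field(b"ssh-rsa") + _mpint(65537) + _mpint(n)

def sample_rfc4716(bits, comment="constructed-sample"):
    b64 = base64.b64encode(sample_blob(bits)).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return '%s\nComment: "%s"\n%s\n%s\n' % (BEGIN, comment, body, END)

if __name__ == "__main__":
    for bits in (1024, 2048):
        r = check_public_key(sample_rfc4716(bits))
        print(r["format"], r["bits"], "ok" if r["ok"] else "too short", r["openssh"][:40] + "...")
```
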

So after ten hours of security tinkering, I had installed stronger and more tamper-resistant locks onto the one door I have onto the Internet. I am effectively tunneling all of the valuable protocols through ssh.  So I’m feeling a lot better.
But after doing all of this, am I any safer?
That’s such a tough question to answer.  I am smarter than I was a few hours ago.  I know a lot more about PKI.  And I know that having 2048-bit asymmetric keys is better than a weaker alternative.  And I know that even longer keys may not be worth the effort.  And I remember that if you want to stop casual hacking, you only have to have a stronger door than your neighbor.
But am I safer?
All the windows are shut.  And I’ve got better locks on the door.  But if someone wants to get in, there is precious little that I can do to stop them.  So we need to remind ourselves that multiple layers may be the best defense.  Even though the door is locked, put your valuables in a secure place.  Some of my most sensitive data is not stored on my online systems.  Indeed, that data may be in the form of offline media that I have in my desk or in a filing cabinet.  But such distribution of data is not the only defense.  Make sure that your computers are secured with strong passwords.
And try not to leave the keys near the locks.  Some folks write down their passwords and leave them on a sticky note – just like the idiot office clerk in “Wargames.”  If you must have a repository for passwords, use a secure password manager tool.
And always remember that security is a perpetual process of improving what you already have in place.
-Roo

Come Out, Come Out Wherever You Are

Cell phone coverage is quite interesting.  I use a Sprint-based phone and my wife uses an AT&T phone (both provided by our employers).  So both of us have different qualities of service in various points throughout the house.  I have reasonable coverage on the perimeter of the house.  And my wife has excellent coverage on the east side of the house.  Thanks to Google Latitude, I now know why Cindy has different coverage on different sides of the house.
Cindy has a BlackBerry Pearl.  And I have helped her to set up Google Latitude on her phone.  BTW, the BlackBerry version of Latitude is quite good.  And it seems quite different than the Windows Mobile version that runs on my phone.  But that is grist for a different post.  I had a few minutes tonight so I figured that I would finalize the setup so that her phone was associated with Google Latitude and her Google account.  I also went ahead and set her account to update her location automatically.
Since her phone doesn’t have GPS, Google got the location information from the cell tower that Cindy’s phone was associated with.  So Cindy and I learned that her phone was communicating with a cell tower across the highway about a mile south of us.  I thought this was kind of cool.  So I called her into the classroom to show her the Latitude application from within iGoogle.  And she walked into the classroom on the east side of the house.  Within two minutes, I noticed that her location shifted to someplace to the east of our house.  In fact, she had moved between towers just by moving thirty feet to the east.  And when she walked back to the living room, her location changed in Latitude – indicating that she had associated with the original tower.
Both of us thought that this was really cool – and quite startling.  Google has done a good job making sure that the customer must provide approvals before anyone can see/consume location information about your account.  But most folks won’t be paying detailed attention.  Therefore, I wonder how many people will unknowingly give all sorts of location data to all sorts of people – including Google.  Yes, tracking kids may become easier.  But being tracked by Google (or other entities) will also be much easier.
-Roo