Skip to main content

Craig Pilcher

I've got $40 for the first Gofundme to purchase Senator Todd Young's browsing history http://www.theverge.com/2017/3/23/15026666/senate-broadband-privacy-rules-congressional-review-act-fcc-vote

Craig Pilcher

The Elusive Private Cloud

3 min read

It is the DMZ week between the two major developer conferences of the year, I/O and Appple's WWDC. Shots were fired by Google in the form of free and unlimited photo storage and an omnipresent search assistant for its upcoming OS update. fans have already begun reflexively asserting that "Google ain't no thing":

Everything has a price. With Apple, you typically pay them money, and they sell you premium products and services in return. That type of cost and relationship is easy to understand.
With Google, you typically pay them attention and data, and they give you free or cheap products and services in return. That cost and relationship is harder to understand.

First of all, no, it is not hard to understand. For decades if not longer, services have used advertising to mitigate cost to the user. Ever listened to a radio, or read a newspaper, or received junk mail?

Second (and more nitpicky), you would be hard pressed to find anyone else making the argument for Apple offering users more choice. I am running a custom launcher, a third-party SMS client, and readily switch between three different browsers depending on my use cases. Ever tried that on iOS? */android-troll*

Apple CEO Tim Cook even joined in:

“We believe the customer should be in control of their own information. You might like these so-called free services, but we don’t think they’re worth having your email, your search history and now even your family photos data mined and sold off for god knows what advertising purpose. And we think some day, customers will see this for what it is.”

The first takeaway from this is that the Apple camp is placing a priority on while at the same time knocking "so-called free services" down a peg. This implies that privacy is only available to those who can afford it. This sentiment is much larger moral hazard than allowing tailored advertising to subsidize service.

The most important takeaway, however, is that this sentiment could turn into Apple's Waterloo if they don't make some major improvements to their services. Google Photos has long been superior to iPhoto, only to be hamstrung by its dependence on Google's misunderstood social network. Google solved that problem this year by separating them. Apple needs to give people a reason to pay out the nose for their competing product besides "hey, we won't check out your pictures."

Google offers value in exchange for information, which is why they are seen as a pinnacle of innovation. Apple offers value in exchange for cold hard cash, which is why they are seen as a walled garden surrounding a mountain of cash. Hopefully Apple's private will open up and rain some new ideas on WWDC this year, instead of nude photos of celebrities. */terrible-apple-troll-pun*

Craig Pilcher

Thanks, Obama. Love, NSA

1 min read

Dear Steven (my NSA angel),

I understand that phone calls are kind of your thing. How does it feel, then, that someone in charge (however half-heartedly) is finally saying, "Hey, maybe we shouldn't collect all this phone data"?

I'd be a little mad, I guess.1 I just hope that we can all be adults about it and debate the merits2 and shortcomings3 of mass surveillance. Unlike some people, who wear three-corner hats and freak out when they get tread on by Barack Hussein Obamacare and don't understand the phrase "what goes around comes around."

And hey, bonus -

Phone companies, for their part, would have to provide "technical assistance" in order to make sure that the government could easily search for and collect information...

You have a built-in scapegoat for when things go tits up4!

Sorry for your (non-)loss,
Craig


  1. I'm sure your behavior algorithms already knew that. You have those, right? Google does, so I'm sure you do by proxy. 
  2. None. 
  3. All. 
  4. I would like to see this British-ish phrase come up more in daily conversation. 

Craig Pilcher

Dear NSA Angel

2 min read

One of my best friends is doing some awesome things in the Navy. Like, awesome enough that he can't really say what they are. My wife and I were talking about him a couple weeks ago and came to the realization that we have contacted him enough that we are well within the two or three degrees of separation required1 for NSA 2.

Since then, we have included occasional messages to our "NSA angel" in our everyday communication, to see if they come true or just to give some Quantico keyboard jockey a laugh. Thus far, our NSA angel has failed to predict the Super Bowl outcome3 or chime in with the proper number of ibuprofen pills to treat inflammation.4

Anyways, I haven't had a lot of time to write lately - just been a little busy5. And the only people that knew about my NSA angel were my wife and I, our Navy friend6, and our NSA angel (obviously). So I am making my NSA Angel letters their own category in hopes to kickstart some writing. Please feel free to write some to your own NSA angel as well. I'm sure they get bored reading about every detail of your life (some of which you probably don't even know yourself).


  1. It's a thing - ask the Guardian
  2. Sure, they say that they are only surveilling possible enemies of state. At this point, do you believe them
  3. I told the NSA angel to not respond if the Broncos were going to win. Classic catch-22 (because they7 obviously knew the winner in October). 
  4. It's three, right? That was our guess. 
  5. My NSA angel knows how that goes. Amirite Frank? (Frank is his name) 
  6. No, not you. The other one. Frank knows. 
  7. By "they" I mean "math". 

Craig Pilcher

Craig Pilcher

The trouble with mobile

4 min read

I am stuck in the second half of my 2 year phone contract. The first half is when the phone is all new and shiny and the manufacturer keeps it up to date with current software. The second half is when all those benefits fade and you are still on the hook for another year. For whatever reason the a one year contract tier is now a thing of the past. Locked down or contract-free are the only options left.

On top of that, my contract is with Big V (for “Voldemort”, but worse). Verizon has built a great network, but it is horrible for tech enthusiasts (I have no experience with AT&T, which is probably just as awful, but in different ways). I don’t have a landline (and who could afford one with the price of a smartphone plan?), so sticking with solid service seems to make sense. But I also don’t make many calls, so my gigantic cell phone plan is mainly for data. That’s not so bad, because it is unlimited. At least, until Verizon caps my data when I renew my contract.

Other random VZW problems:
- Can’t use their phones anywhere outside the US without paying out the nose. This is a Sprint problem too, because neither use GSM technology, but I’m not sure that Sprint requires you to hack THEIR OWN global phones to get them to work correctly
- They instated this fee two weeks before my last official upgrade (mostly just personal bitterness there)
- They don’t fight for users’ privacy rights. Even Comcast and AT&T pretend like they care.

Clearly, they are an easy target for user ire. Rightfully so, because of how much of my time and my income is spent on them and their phones. But this brings up another major problem. Demanding the highest quality devices from the company with the highest quality wireless service should not be the leap in logic that the market is making it out to be. New flagship phones are coming to VZW late or not at all, and I believe the reason is the Galaxy Nexus Saga.

In October 2011, Google unveiled Android 4.0 and its flagship device, the Galaxy Nexus, exclusive to Verizon in the US. Presumed to be the ideal phone on the ideal carrier, it would receive timely updates from Google because it ran stock Android (the specific reason I bought it!) while running on the fast VZW LTE network. But then the phone was delayed for a month while Verizon disallowed Google from putting its own Wallet software on the phone. After release, each new Android iteration would update international and unlocked GNex units, leaving VZW customers months behind. The phone is finally up to date as of March, over a year after its release. I have heard it called the Fallacy Nexus (by nerds), and I am inclined to agree.

The problem with mobile computing is this carrier influence. Even five years ago, the hardware and software used for personal computing was controlled by (surprise!!) the hardware and software companies selling the computers. Now that most personal computing is done on phones, the phone companies have changed that dynamic. They push the innovators into conservative design decisions, market only the devices that kowtow to their demands, and preach “pay no attention to the duopoly in the corner.” Until they function like a (mostly) dumb pipe like cable internet, this is the way the world will be.

via Tumblr http://craigpilcher.tumblr.com/post/52243082687

photo: Scott Ableman via Compfight

Craig Pilcher

Off the beaten Path

3 min read

I will start off by saying I am a Path apologist. I love the app; it is my go-to for sharing moments from my phone. The design is cutting edge, and the concept works well. I began using it around their second major release (found out about it here) before their last privacy kerfuffle. This was serious, but they fixed the issue almost immediately. They ended up paying an FTC fine for accidentally collecting this contact data from minors (which, again, it immediately deleted).

Path went on its merry way, creating new ways to interact for to copy (see: Path’s search and Graph Search, launched in beta a month later). But when the only major story about you has been a privacy issue, that seems to be all anyone remembers. This past issue frames new attempts at growth in a bad light, which is why the tech media is accusing Path of spammiing users’ contacts.

The “spam” in question, which, albeit annoying, is far preferable to whatever other monolithic networks are doing without telling you. Furthermore, it is most likely due to user error. I have never heard any of my contacts complaining about spam from Path (contacts - please correct me if this assumption is wrong), and I know from use that there are 2 prompts to go through before Path gets any of my contacts’ info. It invited a couple family members, but only when I specifically told it to do so. Path’s biggest issues here are occasional lag time (which is probably why these “spam” messages were sent after this guy uninstalled the app) and selecting everyone for invite by default. It is a little uncouth, but it is an easy fix - last I checked (after the latest update), the “Invite Friends” list left my contacts unchecked by default.

I realize that some people see this as a second strike on privacy, but the team at has shown that, while they make a few sloppy mistakes every once in a while, they are committed to fixing those mistakes and keeping users’ trust, not alienating them as the tech media seems to think. No matter how douchey the CEO might be, people should soon realize Path makes a product they would enjoy greatly, and is FREE TO USE. They occasionally accidentally use your data to contact people you know, and then fix it when they realize the mistake. In my book, that always beats selling your data to people you will never meet.

via Tumblr

photo: Wally Gobetz via Compfight

Craig Pilcher

How to Share Online

2 min read

I keep wrestling with when and how to leave Facebook (and actually have a long draft in progress for when I finally do). But where does one go now? What are the other options?

Well, Twitter was my first thought. But I have almost always used third-party clients to access Twitter, and they have been dicks about that lately. In fact, the developers of my favorite Twitter clients (Falcon Pro and Carbon for Android) held a G+ hangout just yesterday to discuss the token limit situation. I hardly ever tweet from the desktop, but even that is better with third-party apps like Tweetbot (I'm not counting Tweetdeck, which was awesome until Twitter bought it and then totally neglected the Android client).

Google+ is another possible outlet. It manages to have all the features of Facebook (and does a few of them better) without the squicky feeling that they will always step on my privacy. That is an implicit issue with Google, but that has always been their modus operandi: fantastic services in exchange for advertisement. However, Google+ also feels like an endpoint. It is a place where items I share can end up, but I can't take them and move them elsewhere, like Wordpress.  Twitter and FB suffer from this as well (I haven't investigated Tumblr as much, but I fear the same).

But then yesterday's App.net news came, and it is starting to sound better and better. Smaller community, great global stream, built-in storage, developer friendly, and user-first. It hits all the right buttons. I may have to give this a try.

There will come a time when we all host our own data and are able to share it however we choose. Until then, I will continue being a social network hipster.

Craig Pilcher

Privacy

2 min read

The amount of people that do not (or even choose not to) understand modern technology and the internet is bewildering. I see it day to day at work (my company thinks it is a "tech" company! Cute) and from the people elected to make laws. I remember a TA in a software engineering course tell us about an internship he had in which he automated all his work in the first couple days using a few Python scripts. This gave him a free summer to goof around. Menial tasks can generally be avoided these days.

I guess that is why CISPA bothers me. It seems like a step in the right direction from SOPA, but that step mostly benefits the intermediaries handling user information, not end users themselves. Internet communication is (generally) free speech, and expecting to know who can see your data seems reasonable enough. But the people writing the laws do not see this perspective; they see terrorists and scofflaws (always wanted to use that term) that must be stopped at all costs, and the internet as a readily governable entity. If you can't obtain a warrant for that information, then why do you need it?

The bottom line is just understanding what you are getting into when you are sharing data online. Microsoft keeps calling out Google for this, and the only reason it gains any traction is from the personification of Google reading your email. Putting any rational thought into that renders it absurd (how many people would they have to hire to read every Gmail account?). Part of the reason I started this blog, besides having a place for longform thoughts, is that I don't really trust Facebook with my data that much to begin with. Ever since they went public, they have seemed a little desperate about finding new ways to monetize my data. I would like to use that data to interact with people instead of with more computers. And if I would like it to be private, it should be private.

Craig Pilcher

Modern privacy

1 min read

It's quaint that after all those years of having to memorize and change and rememorize passwords, the better option might be an actual key.

It was summed up best in xkcd:xkcd: Password strength

Two factor authentication is finally moving beyond this problem for the average consumer. It is the fancy term for using something you know along with something you have to gain access to online accounts. It is a case of tech finally catching up to a fairly normal part of everyday life. I can see it becoming ubiquitous once Chrome adopts it.

It reminds me of a sci-fi trope (I believe I originally encountered in Animorphs - I'm a 90's kid) where the alien civilization invented books long after developing their version of the internet. They can't understand why the internet would be superior, because books offer the same knowledge with instantaneous access. You don't get access to your house by knocking on the door and saying "correct horse battery staple" for the same reason.