Your infrequent reminder, Facebook is evil

They figured out how do you tweak people’s vanities and their passions and their susceptibilities and their desires in order to keep them on the site.

Source: The Central Question Behind Facebook: ‘What Does Mark Zuckerberg Believe In?’ : NPR

If you have not heard it, the above NPR Fresh Air interview by Dave Davies with Evan Osnos, a New Yorker staff writer, is well worth the listen.

Since that interview, we’ve had two more announcements of significance from Facebook.

October 11th, the evil empire announced that they’d disabled some 66 accounts or what Facebook described as:

dozens of accounts and profiles belonging to Russian database provider SocialDataHub

SocialDataHub provides analytical services to the Russian government. Facebook said SocialDataHub were “scraping” people’s information. Who knows how much information, how they used it, or who they sold it to. Facebook don’t. It looks like another 50-million accounts at least. [Check here if your account was compromised.]

On October 8th, Facebook announced their “Portal”, basically a tablet and web cam that allows you to make video calls to other Portal-users, and follows you around the room. Facebook of course says Privacy is

‘Very, Very, Very Important’

But let’s be honest, are you really willing to stay on facebook? Who in their right mind would allow facebook to live video them and not screw up the privacy, and even if they don’t, they’ll be analysing the Sh*t out of everything in every frame to identify things to sell to advertisers about you.

Can facebook do this securely and respecting your privacy? You bet your life not.

#DELETEFACEBOOK Start doing it now. #DELETEFACEBOOK, and the women you will wow. (With apologies to Cole Porter).

https://www.facebook.com/help/delete_account

Delete your Google+ profile

Google+ is what happens when you try to take on an incumbent, don’t communicate your vision, and then leave the rotting carcass to fester and be eaten by the maggots. In this case the maggots were a

security vulnerability that exposed the private data of up to 500,000 users

It turns out Google knew about the vulnerability back in March 2018, but decided not to disclose it as, as far as they know, it hadn’t been exploited. If your data was up to date and complete, there was enough there to perform a rudimentary phishing attack.

In my case, my phone number, location and a number of other items were out of date, so I didn’t wait to find out what Google were going to do, I just went ahead and deleted my Google+ account. Google has also announced they will kill Google+ although it’s not clear completely what will be removed.

In the post Google+ world, it’s been clear for a while that Google is moving much of the community and information sourcing features into Google Maps.

Here is a link if you want to go ahead and delete your Google+ profile instead of waiting for Google to clean up the mess.

Source: Delete your Google+ profile – Google+ Help

Why You Shouldn’t Use Facebook to Log In to Other Sites – The New York Times

This is a good explanation of why it is way past time to stop using your Facebook ID to login to other sites. Personally while I still occasionally wish I could login to facebook to check on relatives, otherwise I don’t miss it at all.

No matter what facebook do, there will continue to be security and privacy breaches like this. Facebook wanted to become “the web” and along with that aspiration, they also became a focal point for all the hackers, scammers, and those wishing to game the system.

#deletefacebook

 

Source: Why You Shouldn’t Use Facebook to Log In to Other Sites – The New York Times

Amazon’s $15 Minimum Wage Won’t Change How Americans See Work – Bloomberg

In 2017, the real median household income in the U.S. was $61,372, which is roughly what two earners with full-time jobs making $15 an hour would make.

I remain totally confused about class as a term to classify people in America. This article is a prime example. While overall this is good news, if $15-per hour helps the middle class, how little do you have to earn to be working class? And why is that term never used?

As far as I’m aware the Amazon deal doesn’t include health insurance, which effectively means before taxes, you’ll have to work for nearly 1-week in 4 just to pay for an individual plan, for a family plan, you’ll be working for just over two weeks every month just to pay your health insurance premiums. Then there’s food, rent, transportation etc. and so who knows where you are going to find the average $4,533 deductibles if you do get sick. Rather than working class, you are the working poor.

If two people have to work for a couple to survive they are working class. Telling them they are “Middle class” if they earn more than $22 is just a great example of gaslighting. To be middle class, surely it means when one of you can choose not to work.

Source: Amazon’s $15 Minimum Wage Won’t Change How Americans See Work – Bloomberg

Keeping Notebooks

Last week, those of us paying attention watched the bizarre spectacle of Supreme Court nominee, Judge Brett Kavanaugh getting emotional about his calendars. I’ve never kept a paper calendar, it always seemed too much of a constraint. Around the year 2000, I toyed with keeping a planner/calendar online, thanks to the Internet Archive, I can still see my mad travel schedule.

What I have kept, since 1979, are notebooks. I still have most of them(*1), they are both interesting and dull. The changing over to a new notebook is always much more than turning over a new page, it’s more like the start of a new era. The notebook is a fabulous moleskin notebook, courtesy of First Line Software, given to me 3-years ago while I was still at Dell.

My last notebook was good for a couple of years. It contained notes, to-do lists, project activities and more. Most of this was about my transition from being an executive at Dell, to being a husband and stay at home dad. It also covers some epic projects, which like my prior IT career, didn’t always go well. These included trying to get to grips with the US Medical billing system as my heart attack; also the epic screw-ups made by FRSR llc of Broomfield while landscaping my backyard.

Some of my old notebooks cover key developments in both my career and technology. I have notebooks over the period 1983-1985 as I grappled with learning how the US Banking system worked, the requirements of systems such as the SWIFT banking, interconnect system; virtualization of operating systems on 12Mb memory systems; working on protocols to transfer data between dissimilar architecture and data format systems, which led to the precursor to the ARC file format, which led to the Zip file format; later notebooks cover my introduction to X.25 Networks as we built out a worldwide financial services network; and then my whole career at IBM, including the arrival of the World Wide Web, and so much more.

Apart from the recollection and reflection, notebooks, correctly dated and annotated can have real value for technical architects and programmers. During a patent dispute in 1998, I was able to return to a notebook from 1985 and prove that the disputed patent wasn’t unique, even though I no longer had access to the system we’d implemented it on, and the system was no longer in existence. While the patent wasn’t invalidated, it did save us a massive licensing fee.

I look forward to all the events, actions, projects and plans over the next couple of years. Keep a notebook.

*1 It all went wrong for a few years when the Filofax was a thing.

The State of American Immigration

The state of American immigration is misunderstood, misapplied and subject to a lot of hysteria.

To me it continues to amaze that a country where you can drive for hours east and south in Colorado, west in Texas, and pass nothing. Absolutely nothing. I’m sure there are other US States where you can do this, I’ve just not driven through them.

America, with a number of Western countries, not least mine, the UK, have created massive disturbances and in some cases, wars persist as a direct result of our actions. Yet we have largely uninhabited geographic areas as big as some of these countries.

TAL covers a number of the key areas of Immigration, how it works, who is doing what, and what has been changing. It’s worth an hour of your life, if you don’t have that, Act 2 is especially worth it.

TAL: Let me count the ways

Data Interchange and Interoperability in Healthcare

I recently had to go for x-rays on my hip. The imaging company called saying they’d received the “order” from my chiropractor for a knee arthrogram without contrast.

Apparently, this was both wrong and confusing. It’s wrong, because the “order” said hip, but they couldn’t read it; also it’s confusing because, well something to do with x-ray and contrast.

After a short discussion, it turned out the imaging company received the order by fax. Yes, real actual paper fax. The US medical profession still seems to run on faxes. My prior cardiology hospital sent my medical records to my new cardiology Dr via, yes, paper fax. Hospital-1 printed the records to a fax based printer driver, which sent them using a fax protocol to Hospital-2. Apparently Hospital-2 receives as images in a variation of the TIFF file format.

In the case of my PT, no such luck. Handwritten, manually faxed, received by paper. Even if there had been no problem this created a HIPAA privacy and security cost. In this instance, the cost to clear up the confusion likely cost almost as much as the actual hip x-ray, as that was all that was needed.

While I know there are data interchange standards in the USA for medical records, or as they are called PHRs, it seems there is still nothing that is universally adopted. When I contacted my new cardiology hospital and offered my PHR in (Epic Systems) Lucy format, they declined and asked for them to be faxed.

There are a growing number of apps for both iOS and Android that support EHRs (electronic health records) however, for the most part these are tied to a specific hospital and/or medical group. A good example is the Epic Systems MyChart app. It can read the data from my former cardiology provider, including details of my ER/and cardio surgery and the prescriptions I was given. I can export the data using the hospital group’s website, and that’s it.

Unless you choose your medical providers not on their medical excellence, but their ability to import your Lucy records, this is no use at all.

The Big Boys are doing data interchange

My interest was sparked by the recent announcement from Google, Microsoft, Twitter and Facebook introducing the open-source Data Transfer Project (DTP). For the more technically interested, you can read the DTP Overview here.

Ultimately it doesn’t look that different from the Enterprise Service Bus implementations we were working on 15-18 years ago. Same core concept, n-n interchange and interoperability. Same basic extensibility through adapters and shared protocols.

I have to say, the use cases given for DTP are pretty weak. Conceptually, though there is much potential for this architected “Share…” facility. One of the key failings of DTP is that there is no ability to delete data, sure you can share your data to more sites/services but the DTP as specified doesn’t allow you to leave.

However, the most disappointing thing about this announcement is it’s aimed at allowing you to move your videos/photos, social media posts, and hopefully subscription platforms among the services supported.

To become a supported platform there are a few fairly simple architecture docs and then you have to build plugins or adapters to interface to the service to be able to send/receive data.

Ho hum. Boring. There is definitely space for big tech co’s to innovate around data interchange, but who cares about social media. I want to be able to pay for a PHR service, where I can store and control my medical record. Where I can grant access rights and authorise medical providers to retrieve my data, where I can see my medical records from across the providers etc.

I’m hoping that someone will point out this already exists, or that Nigel or Tom, who both now work in healthcare will tell me why this isn’t a good idea. The USA is in desperate need for data interchange but it isn’t for social media.

FURTHER READING:

  1. Paper on moving from paper to electronic records and the associated problems.
  2. Review of numerous leading healthcare records mobile apps.

 

Maternity medical crisis

As we approach this year’s open enrollment period for health insurance, I continue to be shocked and disappointed about almost everything I learn about the US Healthcare system. Before I return to notes about my own experiences and my own health, maternity care is another healthcare topic that doesn’t often get discussed, as the average American prepares to pay more than $10,348, per person, per year on healthcare.

While many argue about the definition of single payer, and if it would lead to socialism (and what that is?), the inefficiency, mistakes, cost and just outright expense of what should be routine treatment, continues to make me despair.

America has healthcare snobs, millions of them, they just don’t realize that while they might have great access to medical facilities and Doctors, that doesn’t mean it’s always good, or that the system acts in their best interest. However, any suggested change is met with claims of death panels, socialism and more. Oft heard is also they ‘don’t want the Government in the healthcare.’

Even I was left speechless as I watched a recent CBS Sunday Morning segment on maternal healthcare. Among the points made were:

  • U.S. “most dangerous” place to give birth in developed world
  • The United States is ranked 46th when it comes to maternal mortality. That’s behind countries like Saudi Arabia and Kazakhstan.
  • “Sixty percent of the deaths in the United States are preventable,”
  • At least two women are dying every day

And it’s not about access to healthcare; it’s not about the poor without insurance; yes, there is a racial element, but it’s not what you’d think. Here is the entire segment, well worth watching before you enroll this year.

Edit: The embedded video doesn’t apparently load in some browsers, so here is a direct link to the CBS This Morning web page. https://www.cbsnews.com/news/maternal-mortality-an-american-crisis/

Can it be true that women giving birth in America are more at risk than women in dozens of other countries?

Kohl’s and Car Oriented Development

Back in July, @_anthonyhahn wrote an article which appeared in both the Daily Camera and the Colorado Hometown Weekly about a potential new Kohl’s store in Lafayette CO, and what that meant for the Louisville CO store.

While pitting the two adjacent cities against each other in a battle for sales tax is valid, it totally misses the point about all the new development around the 287 Corridor, north of Lafayette.

At the time, I wrote a letter to the editor of the Colorado Hometown Weekly and sent it in. I just got to checking, and as far as I can see, it never made publication for either space, or editorial reasons. As always, waste not, want not, here it is. Comments?

FOR PUBLICATION

Re: July 11th Anthony Hahn Kohl’s move to Lafayette

I’m a Louisville resident, but this isn’t Louisville versus Lafayette, it’s the past vs the future.

How much longer can we continue sleepwalking into the future with car oriented development?

The city of Lafayette believes a new Kohl’s on 287 is worth, and will pay off its $2-million subsidy in 2-3 years. Add to that the limited benefit of some extra jobs, and extra sales tax receipts during construction. It still means the Residents will have to shop hard, and drive regularly to make another out of town store pay off.

Louisville development director Dejong says the McCaslin corridor tax receipts are up year on year to $420,000, but that’s from a whole lot of small stores and restaurants that are almost always busier than any of the big box stores. Kohl’s will need to do much more than it does with its Louisville store to make it work. The current store in Louisville often looks like it’s been ransacked by people on a scavenger hunt, and the parking lot is frequently less than 1/4 full.

Kohl’s itself will likely be shielded from a failure, tax write-offs against losses, writing off development and moving expenses. The development company, Hix Snedeker can do the same. It’s not the McCaslin corridor that’s in economic crisis, it’s the whole sector.

It’s always easier to build new development, urban sprawl has funded and driven America for the last 80-years. The real question is, what does this contribute to the community? More driving, more concrete, more parking spaces? The 287 location certainly seems more attractive than the current Louisville location, it has more passing traffic in a superficial way. The question is how many will stop, rather than shop online and have it delivered at home?

Lafayette residents should ask, is this worth the money, the tax breaks, etc.? What type of development do they want, and is this the right type of development rather than just easy development?

Mark Cathcart

Legislating hacking/data exposure responses

I don’t know enough about the European Union General Data Protection Regulation (GDPR) but at least on basic reading it seems inadequate in meaningful individual action requirements and legislation that benefits the actual user/person whose information has been exposed.

I’ve been signed up for haveibeenpwned, an excellent website by Troy Hunt. You enter your email, and it tells you what breaches your personal information has been found in.

I was going to say “if any”. But of course your data will be there, especially after breaches like the River City Media (RCM) “spammer gate” where 1.4 billion people’s email accounts, full names, IP addresses, and often physical address, were exposed. Suffice to say, my two primary email addresses have been exposed in more than 20-breaches.

haveibeenpwned was a great start. CapitalOne, at least among my financial providers, has stepped up the game significantly. Their creditwise arm has incorporated Credit & Identity Alerts into the app and website. Numerous times recently I’ve received alerts, and while initially the alerts didn’t contain enough information to take action, the most recent alerts have had all the detail I needed.

[Images: email alert from Creditwise; Creditwise alert via website or app]

The websites where my data has been exposed this year include:

  • linkedin.com
  • kickstarter.com
  • ticketfly.com
  • bitly.com
  • myspace.com
  • last.fm
  • zomato.com

Some of these websites did individually send emails disclosing the breach. Of these, only ticketfly had any form of financial data that might have been breached. I have all my emails from them going back to 2012. Not a single word about a data breach or other exposure of my personal data.

The same is true for more sites than not. No notification. When you login to the site to at the very least, change your password to a new unique one, they more often than not also give you no indication. For many of them it’s also nearly impossible to find out how to delete your account. In the case of ticketfly, I submitted a trouble ticket asking how to delete my account but retain tickets for future events, so far nothing but a generic ‘we’ll get back to you’ response.

It’s time for legislation about what websites/businesses are required to do when they find a data breach. They must be held accountable, and not just through financial penalties that mostly just go into government coffers.

I’d like to see at a minimum:

  1. Mandatory requirement to notify by email, and if the business has a real mail address, by mail.
  2. A default opt-out and deletion period. At discovery, if data breached includes significant personal and/or financial data, the account must be deactivated. After notification, if the business has not heard from the user whose data is breached within 14-days, and the account is not already deactivated, it should be deactivated.
  3. Recovery of a deactivated account should NOT depend on any data exposed in the breach.
  4. When the user whose data is breached logs-in to their account following notification or during account recovery, they must be presented with clear information on what data was exposed. Two, they must be given a simple option at this point to permanently delete their account.
  5. If the user opts to delete their account, any consequences of the deletion must be made obvious at that time. For example, in the case of ticketfly, where I’ve already paid for tickets to future events, those tickets must still be available to me, even after my account is deleted.

In the era of “big data” and “everything online” the only way these businesses/websites will really put privacy and security first is not fines. It’s the actual loss of the customer/user and their data. These companies are often overvalued, and paying government fines is just moving magic money from one bucket to another. It has a short term impact on their profitability, their quarterly results, not much else.