Month: June 2013

My programmable world

Unboxing the Twine sensor

I've always enjoyed hooking together pieces of technology in new and interesting ways.

When I was a kid I rigged up a small water pump to a series of pulleys, rope and switches to squirt water at anyone (read: my younger sister) who opened my bedroom door without using a special trick to disable it first.

In junior high school I may or may not have programmed my 1200 baud modem at home to make a certain classroom's phone ring during a certain class I didn't mind having interrupted.

In my first apartment after college, I had motion sensors rigged up to turn on lights in rooms I walked into, and turn them off again when motion stopped.

I like figuring out how to make real world things talk to each other.  Which is why it seems I was destined to live in the emerging "programmable world," this Internet of Things that has developed and flourished in recent years.

I thought I'd share some of the different things I've rigged up to talk to each other in my programmable world.  Some of these have practical uses, many of them are just for fun.  Some of them are products you can buy yourself, some are tools I've created or enhanced with my own software.

Oh, and you should consider consulting with your spouse, partner or housemates before deploying these technologies in a production living space.

Continue reading "My programmable world"

Use the cloud, keep control of your data

Balloons in the Rose GardenAfter ranting recently about the choices we make to give "big data" companies access to our private information in ways that might be abused or exploited by government eavesdroppers, I thought it would be worth sharing some of the options I've found for using "the cloud" while also retaining a reasonable level of control over access to the data stored there.

This post has information about tools and software you can deploy yourself to approximate some of the functionality that third party services might provide, but that might also make you vulnerable to privacy and security vulnerabilities.  It's based on my experiences designing and implementing solutions for my own company, so it's mostly applicable to the interests of businesses and organizations, but may also be useful for personal projects.

A few important disclaimers: any time you make your personal or corporate data available on Internet-connected devices, you're creating a potential privacy and security vulnerability; if you need to keep something truly protected from unauthorized access, think hard first about whether it belongs online at all.  Also, the tools and services I'm listing here are harder to setup and configure than just signing up for one of the more well-known third party services, and may require ongoing maintenance and updates that take time and specialized knowledge.  In some cases, it requires advanced technical skills to deploy these tools at all, which is the reason most people don't or can't go this route.  Hosting and maintaining your own tools can often have a higher initial and/or ongoing cost, depending on what financial value you assign to data privacy.  Sometimes the privacy and security tradeoffs that come with using a third-party service are well worth it.

Still interested in options for using the cloud without giving up control over your data?  Read on.

Email and Calendar Sharing

Need a powerful, free email account?  Need robust calendar management and sharing capabilities? Everybody uses Gmail and Google Calendar, so just sign up for an account there, right?  Unless you don't want Google having access to all of your email communications and usage patterns, and potentially sharing that information with advertisers, government agencies or other entities.

Continue reading "Use the cloud, keep control of your data"

I have read and agree to the terms of service

NSA Seal

As revelations continue about the US Government capturing and monitoring online activities and communications, I'm glad (and, ok, only a little bit smug) to see that more conversations are happening about just what privacy expectations we should give up by using modern Internet tools and services.

Most of the mainstream conversation has been focused on what information "big data" companies like Google, Twitter, Facebook and Apple do or don't hand over to the government and under what circumstances, and debating where those lines should be.

The built-in assumption here is that it's inevitable that these are the companies that will continue to have access to our private information and communications. I grant that it's a pretty safe assumption - I don't foresee a mass exodus from Facebook or a global boycott on iPhones - but I do think it's important to note that this is a choice we are making as users and consumers of these services.  We are the ones who click through the "terms of service" and "privacy policy" documents without reading them so we can get our hands on cool free stuff, we are the ones who are glad to entrust our intimate exchanges to technology we don't understand.

A certain amount of naiveté about the security and privacy implications of the tools we use is understandable here.  When I've given presentations on email privacy and security issues, some attendees are legitimately gasping at the new understanding that their e-mail messages are traversing the open internet as plain text messages that can potentially be read by any number of parties involved in the management of those servers and networks.  The average user probably assumes that the Internet was designed from the ground up to be a robust and secure way of conducting financial transactions and sending suggestive photos of themselves to amorous contacts.

Continue reading "I have read and agree to the terms of service"