Hunter Walk with a neat idea for dealing with Twitter trolls I’ve not seen suggested anywhere else:

Basically the concept that when an @name is inserted into the tweet, it becomes targeted, the difference between just expressing an opinion about a person and the desire for that person to see the opinion. For example imagine these two tweets:

“Hunter Walk is an asshole” vs “@hunterwalk is an asshole”

The former doesn’t appear in my mentions. The latter does. I never see the first unless I’m actively searching for my name on Twitter. The latter does regardless of my desire to interact with the sender. Accordingly, once an @name is included, the standard for harassment should be lower, because intent can be assumed.

Source: Twitter Trolls Should Lose Ability To Include @Names in Tweets | Hunter Walk

So after the preamble, which should give you a frame of reference to what I’m aiming to do in this mini-series of posts about improving my online privacy and security, this short post will talk about the first steps I’m taking to tighten everything up. As this is all at the very beginning of my learning journey, all of these might change in the future. If they do, I will update the post and add a comment below.

In this post I look at two of the fundamentals of privacy on the web: the web browser and search engine. I’m mainly looking at the desktop for now, rather than mobile, mainly because it’s simpler to focus on one thing while I wrap my head around this stuff!

A Change of Browser

I’ve been using Chrome for years, after it usurped Firefox as the “fast, alternative” browser for Windows. These days, Chrome has become seriously bloated – it’s routinely consuming multiple gigabytes of RAM on my desktop. It may be (usually) fast despite of that, but it slows the rest of the computer. What’s more, it’s so deeply wired into Google’s ecosystem that it’s arguably as much a data hoover for Google as it is a browser.

So I was in the market for a new browser to begin with, and I was looking into alternatives like Chromium or Opera. But once I started diving into things a bit more, pretty much every recommendation for privacy-minded software recommended good-old Firefox, so that’s what I’ve gone with. I followed the configuration guide at PrivacyTools.io, as well as:

  • Turn on Do Not Track
  • Set Firefox to never remember my browsing/download/search/form history
  • Never accept third-party cookies
  • Only keep cookies until I close the browser
  • Never remember logins for sites
  • Turned off Firefox Health Report, Telemetry, and Crash Reporter

Extensions

Most of the extensions I had installed in Chrome were privacy-minded anyway, so were equally applicable to Firefox. Some additions came recommended. At the moment I am using the following:

Mobile

The situation on mobile (in my case, iOS) is a bit less clear. For now I’m not using the Chrome iOS app, reverting to Safari with the addition of a content blocker.

Downsides

The biggest issue with the above setup is it removes a few conveniences: remembering pinned tabs between browser sessions; having to login to websites every time you visit; having to retrace your steps to find a page in the future, if you don’t bookmark it at the time… that sort of thing. I might do a little tuning on this, relaxing the settings a little, but overall I think this might be one of those things that I need to live with.

A Change of Search Engine

Apart from a brief flirtation with DuckDuckGo a few years back, I’ve always used Google as my search engine. It’s constantly been the most reliable, fastest, and all-round best at what it does.

Even so, I’ve never been 100% happy with the fact that Google collects just about every data point they can, that it’s all wrapped up in your Google account, linked to everything you do in their other services, and made available for advertisement targetting (amongst who knows how many other things). As someone who’s had a Gmail account since they were invite only, I know Google has a fucktonne of data on me already; the genie is well and truly out of the bottle in that regard.

That doesn’t mean I can’t stop giving them more data. Sure, they’ll get the odd bit here and there when I use YouTube, or the odd email that hits my old, pretty much unused Gmail account, but that’s really it – if I change my search engine to somewhere else.

The obvious thing to do would be to revert back to DuckDuckGo, as I already have experience of it, and it’s accurate enough… but I wanted to try something different for the moment, while I’m still in the learning phase of this little project.

I tried all the recommendations at PrivacyTools.io. Searx generally gave me terrible results, but is an interesting idea; Qwant gave me some decent web results, but the included News results were mostly irrelevant, and I couldn’t find a way to turn these off. StartPage had been recommended in other places too, and overall was the best performing of the bunch – possibly not surprising, as it’s effectively a proxy for Google search, so seems like a win-win in this case. For now, I’ve set it as the default search engine in Firefox.

Mobile

For searches on my iPhone, I’ve set the default search engine to DuckDuckGo, as it’s the best of those available.

In 2017 I’m trying to be be a bit more privacy and security-minded when using the web (on all devices). I’ve been increasingly interested in these areas for a few years, and especially since the Snowden revelations, and recent events like the IP Bill, aka the “Snoopers Charter,” in the UK have pushed me further towards them. Over the next few weeks I’m going to look into (and try to document here) various things I can do to increase my security, decrease the amount of information applications and services can collect on me, and generally “take back control” of my online privacy.

I work in the tech industry, I’m fairly conscious about this stuff, and understand a few of the elements and technologies, but it’s really a very basic understanding. What I do know might be out of date. At this stage it might be too little too late… right now I don’t really know.

Upfront: I fully recognise that if the police/MI5/NSA/FSB/whoever really wanted my data, nothing I could do would be able to stop them.

security

Also upfront: even with that in mind, whatever I put in place won’t be considered “perfect.” What I’m looking to do is balance convenience, practicality, and security. If something is too difficult or fiddly to use, it will end up not being used.

Thinking specifically about the IP Bill, far too many agencies for my liking will have complete, unfettered access to what I get up to on the internet. Beyond that one example, the amount of web ad trackers we have to contend with nowadays is snowballing, as are the services amassing data to pay for those “free” apps we enjoy.

While it might be that none of these data collectors have nefarious purposes in mind (if you’re trusting), data security breaches are becoming bigger and more frequent. Data being stored is likely to leak or be stolen at some point, so the best you can hope for is to limit the amount of potentially harmful data1 being held.

On a lighter note, here’s a great spoof from Cassetteboy about the IP Bill

So all this is a bit of a long-winded preamble to saying look out for the future posts where I talk about what I have learned, how I’m applying it, any recommendations I have, and how you can do the same. The first post on some of the basics, and links to reading materials will be coming today/tomorrow. In the meantime, are there any tips or good sources you’ve come across? Feel free to share in the comments.


  1. Insert definition of what you would consider “harmful data if leaked” 


A new boxed game from Games Workshop, coming end of October/start of November, in the same style as Betrayal at Calth. New stuff includes plastic MKIII Marines, Tartaros-pattern Terminators, Legio Custodes, a couple of characters, and possibly more.

I’ve been looking forward to this release since I first heard about it back in March, so it’s great to finally get the confirmation it’s real.

Preamble: I’ve jumped back into WoW over the last couple of months. I’ve had an on-mostly-off relationship with the game over the last few years (since the end of Wrath of the Liche King, really), but the early promise of Legion brought me back.

I spent the time up until the launch 2 weeks ago getting acclimated to the game and all the changes I’d missed. I powered through Warlords of Draenor (WoD) in a few sessions, just through quest content (the massive amounts of rested XP helped a tonne!) then set about getting my professions up to max-level.

Professions in WoD very, very easy to level-up. I had both primary professions, and all secondary professions except Fishing maxed-out within a weekend1. If anything, I felt a bit underwhelmed by how easy it was. Between the Garrison and Auction House, it took very little time and money to gather everything needed to craft enough stacks of whatever recipe gave the most skill-ups2. Gathering professions didn’t take much effort either.


Professions in Legion are almost nothing like in WoD. In some ways it’s welcome; recipes have different levels of proficiency (1-3), which adds more interest to them. I haven’t found any recipes yet awarding multiple skill levels. There’s profession-related quest content – often to unlock a better proficiency – and even some of the new World Quests are profession-specific.

It’s just a shame that there’s one fundamental flaw: most of the progression is locked behind Dungeons. Take Alchemy as the prime example: after unlocking Legion Alchemy, you get 3 recipes with 1 or 2 more available from a vendor. These will give you a handful of skill levels at most. Beyond that, you have quests which require you to run dungeons to unlock more recipes. You have to run all of the dungeons in Legion, enter a busy free-for-all PVP area, and even complete a WoD Raid to unlock everything in Legion Alchemy. Other professions are similar.

I absolutely don’t mind having to work for progressing in professions, but this is disappointing. Gating them behind Reputations would have made much more sense to me, or some other mechanic which didn’t force players into LFG/LFR… The new World Quests are another decent candidate. In my experience most players in dungeons are just looking to speed-run bosses for gear upgrades and if you’re not OK with that they’ll make your life hell until you quit, or just /kick you outright.

It’s always been the case that the most lucrative recipes were acquired through dungeons… but these were optional/rare recipes, and mainly of interest to people looking to make serious gold on the Auction House, or needed to get it to help their competetive raid team. Levelling up your professions never needed these “high-end” recipes.

I stopped regularly running dungeons years ago because I had too many bad experiences with groups who were rude/intolerant of players “not as skilled” as they were/just plain assholes3. Since then, I’ve dipped in with ever more reluctance. I have zero desire or patience – let alone time – to deal with that again, and have zero faith it’s improved any. I’m sure I’m not the only player who feels like this, judging by posts on the Battle.Net forums and elsewhere.

For players like me, who have long turned away from the group aspects of WoW, professions are the end-game content4. Locking the means to meaningfully progress professions behind dungeons basically locks them away from us, unless we’re prepared to hold our noses and deal with aspects of the game we don’t necessarily enjoy.

It’s still early days for Legion, and even though I’ve hit 110 on my main, there’s still a tonne of other content I can play, for now. And other characters. I’m just hoping Blizzard do something to make the professions a bit more accessible in a future patch. They’ve achieved their intent to make them more interesting, I’m just not convinced they achieved the “fun” bit.


  1. Most of this was just travel time while levelling Archeology. 
  2. This was new to me – certain recipes giving more than 1 level at a time. 
  3. At first, LFG was a blessing compared to trying to organise a group through chat. Unfortunately it made it impossible to weed-out the bad-eggs before starting a dungeon. My feelings on WoW Dungeons are a topic for another time. 
  4. Alongside Reputations, exploring, lore, and Achievements. 

Lock Screen

Raise to Wake is a feature I’ve wanted for a while, so I love that. It sometimes seems a little sensitive, but I guess I’ll either get used to it, or it’ll be tweaked in a software update. The new behaviour of unlocking your phone without going to the Home Screen until you press the Home button seemed a bit unintuitive to me, I’ve changed a setting under General > Accessibility > Home Button to remove the press.

Notifications

Functionally, the new notifications are great, and will get better as more apps embrace the feature. Like others, I’m not a fan of the styling, which is very evocative of “Web 2.0”. Clear All is another minor feature I’ve wanted forever, so I’m glad that’s there; I just wish I hadn’t had to Google to discover it’s hidden behind a 3D Touch gesture. These hidden or unintuitive features and gestures are probably my biggest peeve with iOS 10 for now.

Related to the notification area, I don’t get why the “Today” widget area is duplicated here and to the left of the Home Screen. One or the other would’ve been better, at least in my opinion. Maybe because I never used the old “Today” screen, but did use the old search screen which used to be to the left of the Home Screen…

Messages

Overall I like the update, but I’ve found some of the new features to be really unintuitive to use. The message styles (hidden ink, balloons, etc) are hidden behind a 3D Touch of the send button – so if you don’t get it right you’ll find yourself accidentally sending the message before it’s finished. This is a very minor thing, but it does cause frustration. I also found the Digital Ink features to be confusing to use, and the associated gestures a bit hit-and-miss. “Playback” of these messages is also hit-and-miss: sometimes they play automatically, but most times they don’t.

This article from The Verge has a good rundown of the new features of iMessage and how they work.

Other

Being able to (finally) remove in-built apps is obviously something which has received some headlines. Surprisingly, I’ve removed fewer than I expected… I think it’s only Stocks, Tips, Find My Friends and weather. I’ve actually found myself switching to a couple of the in-built apps

If – like me – you were eying up the Volkite Weapon Kits from Forge World as a means of expanding the Betrayal At Calth box set, but we’re dismayed to find them sold out and “no longer available” (as opposed to “Temporarily out of stock”), then fear not!

Forge World have your back, according to a reply I got when I asked about the missing kits:

image

Not only will the weapons coming back in an improved form, but other kits will be getting a refresh, along with new accessory packs.

I’ve been using iCloud Photo Library (iCPL) for the last few months, basically since the day it went to Public Beta. It was one of the features I was most excited about for iOS 8 and OS X Yosemite. The idea is fantastic – all your photos available on all your (Apple) devices, and it’s integrated with what is probably your most frquently used camera, so new photos are automatically added.

When it works, it’s seamless and brilliant, and I can’t say enough good things about it… but this morning I turned it off on my iPhone and won’t be switching it back on any time soon.


Here are the two major problems I’ve had with it:

1. It causes (most) apps accessing the photo library to run extremely slow

Anytime I open an app which wants to access the photo library, that app tends to hang for a few seconds. This is easiest to see in something like Instagram, where if you go to add a picture, the icon in the bottom left which lets you select an existing image will show as blank for several seconds while it loads the first thumbnails. I’ve seen similar behaviour in the stock Camera app, and numerous image editors.

2. It absolutely destroys my mobile data allowance

I have a 4GB data allowance on my 4G data plan. When I have iCloud Photo Library enabled on my iPhone – even after syncing the entire library over WiFi before leaving the house – within a couple of days I will get a text message from my network telling me I’ve only got 200MB of my allowance left. This happens even after disallowing the Photos app from using mobile data, so it’s obviously some other process running in the background. To be clear: without iCloud Photo Library turned off, I have never been close enough to my data cap to trigger a warning; with it turned on, I use up my entire allowance within a few days.

This morning, in the space of 2 hours
This morning, in the space of just 2 hours

The first problem of slowness has improved with the iOS 9 public betas, but is still happening. A lot. It’s probably cost me upwards of £60 in increased mobile phone bills over the last few months. And this is before we get to other issues, including: either iCPL/the new Photos app screwing up the metadata on a whole bunch of photos1; occaisional sync conflicts2; problems caused by turning it off because of the other issues3.

By and large, I get the impression I’m the outlier. For most people, iCloud Photo Library works without issue and they’re happy with it. Hopefully it’s the same for you! But for me it just doesn’t work reliably enough without some serious downsides.

What’s your experience of iCloud Photo Library been like? Let me know!


  1. I found this one out when I tried importing my library into Google Photos and Dropbox for redundancy. Roughly 2500 photos no longer have any date information associated with them, so both services sort them into the day they were uploaded, completely ruining any logical grouping. 
  2. In iOS 8, if I quickly edited a new picture on your device, while it synced to your other devices, one of two things would happen; 1: only the edit would sync, or 2: your edit would be discarded when the sync finished. 
  3. What should happen is your iCPL photos are removed from the device, apart from the Camera Roll pictures on the device previously. Except, it usually turns into a crap-shoot as to which photos are kept. And sometimes, despite removing all these photos, the storage space isn’t freed up afterwards. Which is awesome when you only have a 16GB device. 

LotV-Screenshot-04

Never, ever pre-order games. That’s the general rule, especially given such recent debacles as the PC version of Arkham Knight.

But as with every rule, there are exceptions. The final entry in the Starcraft 2 series is – for me – one of them. Within 20 minutes of learning the pre-order for the digital editions was live, I had the deluxe edition ordered.

Starcraft is one of those rare gaming series I hold dear; I played the original on my very first PC, fell in love with the story, then had to wait over a decade until Starcraft 2 came along. When the first part, Wings of Liberty, arrived 12 years after Starcraft 1, I fell in love all over again, and all fears about how splitting up the game into 3 would work out. The 3 year wait for Heart of the Swarm was agonising — I loved the story being told so much I just wanted more!

Now we’re nearing the end, at last. The final chapter in the Starcraft saga will arrive sometime between now and March, and I can’t wait.

I have none, because we haven’t seen enough full information – in context – to make any informed opinions.

And neither have you. I get it, change is scary. But stop whining on the internet about AoS before you have all the information. Please? It’ll make the transition much more pleasant for you, me, and everyone else.

I’m flabbergasted by how quickly it all went from “ok, this looks like it could be fun and interesting,” to “ZOMG! The sky is falling! F-you GW! This is the most ridiculous and crappy game EEEEHHHVVAR!

And it hasn’t even been officially revealed yet. Careful; your knee is jerking so hard you might do yourself an injury.

I do have one final, parting thought to leave you with:

If you want a balanced, tournament-friendly (and 1st-party supported!) Fantasy massed-battle game that plays like a “Warhammer 9th” – basically what everyone complaining the loudest seems to be lamenting Age of Sigmar is not – then I humbly suggest you go check out Kings of War. 2nd Edition is right around the corner, with the beta rules available for free download. A number of Warhammer Fantasy armies port over to KoW with little-to-no modification or need to buy new models. It’s fast, deceptively simple, fun, well written, and actively supported. If you’re up in arms about AoS, it wouldn’t hurt to check it out.

I mentioned a few weeks back I was considering my choices for how to upgrade my aging computer equipment, and of the choices, building my own custom PC would be the most rewarding path to take. I swithered a bit on whether I really wanted to do this, but in the end I gave in to the temptation to build something entirely my own.

Great, I know what I want to do, now how do I get there? It’s been several years since I built a PC1, and I haven’t been keeping up with the trends, or what’s the latest and greatest in terms of performance, price, or anything really.

I had a few ideas of what I wanted – it needed to be small, as space in the office is at a premium. It needed to be as powerful as I could afford, so it would last a decent amount of time until it needed major upgrades, while being flexible enough to tackle many different types of task – development, gaming, photo (and potentially basic video/audio) editing, for example. In a perfect world, I wanted it to be as quiet as possible and look good.

The last few weeks have been spent doing research, going back and forward over potential configurations using PC Part Picker before settling on an outline of what I wanted. I took it over to /r/BuildAPC for a sense check, and was told my best bet was to change the graphics card for something more powerful than I had picked out. I rejigged a few things to make that possible, and ended up with the spec below:

Type Item
CPU Intel Core i5-4690K 3.5GHz Quad-Core Processor
CPU Cooler Cooler Master Nepton 120XL 76.0 CFM Liquid CPU Cooler
Motherboard Asus MAXIMUS VII IMPACT Mini ITX LGA1150 Motherboard
Memory Corsair Vengeance Pro 8GB (2 x 4GB) DDR3-1866 Memory
Storage Samsung 850 EVO-Series 250GB 2.5″ Solid State Drive
Video Card Gigabyte GeForce GTX 960 2GB Video Card
Case Silverstone FT03B-MINI (Black) Mini ITX Tower Case
Power Supply Silverstone 500W 80+ Gold Certified Fully-Modular SFX Power Supply

The graphics card might still be swapped for another, similarly specced one, but otherwise this is what I’ll be building in a little over a week’s time, when I have some time off. I’ll be talking more about the build, closer to the time, as I have a few things planned which will make it a bit more interesting than just a straight PC build


  1. It was in 2008. I checked my order history. 

Over the last couple of weeks, my iPhone 5S has been rebooting itself during the night. Once (last Saturday) it got stuck in a reboot loop on the Apple logo screen. Strangely, it seemed to be emitting some kind of tone every time it restarted… maybe that was my woken-at-3am brain imagining things, but I’m sure it also made a noise in the early hours of this morning when it rebooted.

The most annoying thing about this, is that it’s only happening at night, while I’m asleep. I know it’s happening because my lock screen tells me so, and I can’t use TouchID to unlock the phone. That, and the fact the display flashing up the stark white loading screen sometimes wakes me up. Throughout the day, everything appears fine. It’s really quite bizarre.

I’d reset the phone to factory settings, but there are a couple of security-related apps installed which would be a massive PITA to have to de-authorise and set up again.

Has anyone else experienced this?

Earlier on I was trying to find a way to “downgrade” a Google Apps account to a personal account. Well, I found a way. Kinda. Ok, not really – I slipped up and deleted my Google account.

I was a bit naive about what removing a Google Apps subscription entailed. In the absence of any clear documentation, I assumed hoped it would remove the baggage of Google Apps, leaving me with a normal Google personal account (especially as the account predated Apps). It didn’t actually remove Google Apps… but it did remove my access to pretty much every useful Google service. I was locked out of Drive/Docs, Browser Sync… everything I use on a regular basis.

It turns out, that if you want to delete Google Apps, cancelling your subscription is only a partial measure. Whereas in most services “cancel subscription” means “I’m done, so remove all my stuff and let me go” if you want to cancel Apps then you have to cancel, and then do the non-obvious step of explicitly deleting your domain from the service.

At this point, my choice was: buy a new subscription to Apps, putting me back to square one – only paying for it, or completely delete everything to do with the Apps account. So deletion it was.

Eventually I tracked down where in the mess that is the Apps admin area I could find the delete domain button, held my breath, and clicked.

Milliseconds later I was dumped out of Google Apps, and everything was gone. Everything.  Even the stuff you’d forgot about, like your Google+ profile, oAuth logins to other sites or logins on other devices, and accounts you forgot were merged, i.e. my YouTube account and subscriptions. My iPhone complained, WordPress complained, Feedly complained, Chrome complained, and so did many, many more! Years of settings, data, and integrations, gone in a button click.

Immediately I had a wave of regret, but also a slight sense of a weight being lifted. I no longer had to worry about the schizophrenic nature of my old account. If I wanted to try a new Google service, I didn’t have to wait for it to be Apps-enabled. Yes, a whole bunch of data was gone, but in a way, that was good. I would be starting over from scratch, without all the cruft that had accumulated over the many years.

So I guess it’s not that bad, really. Just a little inconvenient in the short-term. I’ve created a new account, relinked any complaining devices, and generally started rebuilding.

But please, Google, make the whole Apps/Account integration more user-friendly!