TidBITS: Comments on Watch TidBITS Presents “Protecting Your Digital Life”

Comment from Adam Engst

comments@tidbits.com (Adam Engst) — Tue, 28 Aug 2012 14:20:02 EDT

It is true that we're dependent on the sites we use to keep our information private, but it is up to us to make sure that a breach one of them doesn't open us up to breaches at others.

Comment from ghart

comments@tidbits.com (ghart) — Tue, 28 Aug 2012 14:17:23 EDT

You were wondering why I (and others) didn't attend. In my case, it's not because of a lack of interest: it's all about time constraints. I can get the same information in a podcast in <10% of the time from a written article. And indeed, I've done so from several sources, not just TidBits.

The larger problem is that no matter how responsible *we* are, we're still dependent on the security of the Web sites we visit. If they can't keep our information secure, then our best efforts are useless -- well, to be correct, less useful.

Comment from Rich Mogull

comments@tidbits.com (Rich Mogull) — Mon, 27 Aug 2012 13:57:25 EDT

For the record, I give a lot of corporate webcasts and they usually request they run over lunch.

Looks like some of you actually leave your desks during your breaks? Now *that's* a compelling idea :)

Comment from Rich Mogull

comments@tidbits.com (Rich Mogull) — Mon, 27 Aug 2012 13:56:24 EDT

Not really- remember that credit cards are pretty well protected as long as you check your statements. Adding another address won't really impede the attackers much, and to be honest it isn't that big a deal to you as an individual if your card number *is* hacked. That's why we focused more on the "digital life" as opposed to financial fraud, since losing your online identity is far more damaging (potentially).

Comment from Rich Mogull

comments@tidbits.com (Rich Mogull) — Mon, 27 Aug 2012 13:55:04 EDT

Yes- iOS is more secure and the apps are all sandboxed, so it makes it nearly impossible someone could, for example, hack your iPad and pull the passwords out of cached storage.

Comment from Chris Kohuch

comments@tidbits.com (Chris Kohuch) — Mon, 27 Aug 2012 13:21:21 EDT

Like many it's a work scheduling conflict for me. I'm perfectly happy to watch the recording after the fact though.

Comment from Adam Engst

comments@tidbits.com (Adam Engst) — Mon, 27 Aug 2012 10:02:30 EDT

I'm perturbed about the start of these things, and I'm open to suggestions. The problem is that people cannot see anything until we make it live, and then it takes a few minutes for people to collect. In this one, we waited 5 minutes (not 15!) for the attendance to settle down, and then we started. The alternative is to start exactly on time and know that nearly everyone will be missing some what's said in the first few minutes. Perhaps we'll try that for the next one, since waiting a few minutes clearly isn't working perfectly.

As far as laughing at each other's humor, I don't think I can mandate that people don't react to each other in a panel discussion. Certainly, it would be preferable if the audience could be seen reacting, but that's just not possible with Google Hangouts On Air (or any other live videoconferencing solution I'm aware of).

I wonder if part of the confusion is that these truly intended to be and are live events, and should be viewed as such, and NOT as carefully planned and recorded presentations that take place under controlled conditions and with significant post-production. They aren't off the cuff, but they are live.

If you pay hundreds or thousands of dollars to attend a conference, you'll get very much this sort of experience. There's a room you go to at a particular time, and usually you arrive a few minutes ahead of time to get a seat. If there's a single presenter, he'll be on stage, pacing around, checking mic position and getting slides set up and the like. If it's a panel, they'll be sitting on stage, chatting with one another. Obviously, starting on time isn't a problem there, since the room can be open early. And as far as laughing at each other's jokes, I've been on a ton of panels over the years, and I can assure you that everyone does this.

Does that make sense?

Comment from Layne Hoppe

comments@tidbits.com (Layne Hoppe) — Sun, 26 Aug 2012 19:25:36 EDT

Dropping from 200 to 65 viewers is not surprising to me. Beside the various reasons given I would add that fooling around for the first 15 minutes or so is annoying, as is laughing at each other's humor. Raise your production values; bring them in line with your excellent books.

Comment from John Crosby

comments@tidbits.com (John Crosby) — Sun, 26 Aug 2012 14:08:10 EDT

Since Honan's hack demonstrated that a physical/street address is not hard to find, what about using a PO Box for credit card billing addresses rather than a street address. Would this be a good safeguard?

Comment from Eduardo Sanchez

comments@tidbits.com (Eduardo Sanchez) — Sun, 26 Aug 2012 00:54:11 EDT

My wife and I just watched this presentation. Good job, everyone. We look forward to a Take Control book on this subject. :)

Comment from Adam Engst

comments@tidbits.com (Adam Engst) — Sat, 25 Aug 2012 12:31:52 EDT

Glad you liked it, Norbert!

We certainly could summarize the video in text, but I'd have to think about the goal of doing that - we're doing the videos in the first place because we think the topic lends itself to in-person explanation better than straight text for one reason or another. And if the goal is to encourage people to watch the videos, summarizing them makes it all the less likely they would.

As far as protecting yourself from access via the Internet, that's a very different topic, in fact. For the most part, standard Network Address Translation in gateways like the AirPort base stations is more than enough, and people who know enough to port map through NAT likely understand that they are opening that port up to the entire Internet. That's far, far less common than the kinds of problems that Mat Honan experienced, and which any Internet user could suffer from.

Comment from Adam Engst

comments@tidbits.com (Adam Engst) — Sat, 25 Aug 2012 12:27:06 EDT

I think we'd need full-bore paid subscriptions to the presentations to justify anything near that kind of work, Edward. :-)

And I'm not really sure what the big win of having subsequent live presentations is, if they're going to be substantially the same as the recorded one, especially since people can always ask questions later here, or on the YouTube video, or on the Google+ post.

Comment from Adam Engst

comments@tidbits.com (Adam Engst) — Sat, 25 Aug 2012 12:24:59 EDT

Rich can chime in with details, but at the moment, iOS is simply a more secure operating system than Mac OS X, thanks to sandboxing, very limited multitasking APIs, and what it's capable of. Rich's specific point was that files on the iPad don't end up in system-wide caches, get backed up unknowingly via CrashPlan or Time Machine, and so on - if it's made on the iPad, printed, and then deleted from the iPad immediately, it really is gone as far as I'm aware.

Comment from Edward Brogan

comments@tidbits.com (Edward Brogan) — Sat, 25 Aug 2012 10:09:04 EDT

Adding to the comments above, time conflict was my issue. Suggestion: record a "presentation" and post it for comment. Take the Q&A from that and run 2 more sessions, spread across some major time zone split. That allows technical issues to be smoothed out as well.

Comment from Norbert E Fuchs

comments@tidbits.com (Norbert E Fuchs) — Sat, 25 Aug 2012 07:34:38 EDT

Did I understand Rich Mogull correctly when he said that he generated the "paper copy" of his most important passwords on an iPad because "it is my safest machine"?

If yes, why is that so?

Comment from Norbert E Fuchs

comments@tidbits.com (Norbert E Fuchs) — Sat, 25 Aug 2012 06:13:49 EDT

I watched your presentation on YouTube and want to thank the three of you for the wealth of information and the reasonable advice.

Since other people may not have an hour to spare to watch the video I wonder whether you plan to concisely summarise your recommendations.

One further point: I missed in the discussion how to protect yourself against illegal access from the internet, for instance using tools like LittleSnitch and VPN.

Comment from Derek Nations

comments@tidbits.com (Derek Nations) — Fri, 24 Aug 2012 16:25:49 EDT

I was unable to watch the presentation in real-time for the same reason as already stated by others. I did watch the you-tube delayed-time version and thought it had a lot of useful information.

Comment from Beth

comments@tidbits.com (Beth) — Thu, 23 Aug 2012 08:12:19 EDT

The reason I didn't watch the presentation was that it ran during lunch time here. (Eastern Time Zone). If it had been earlier or later in the day I would have watched. I am glad you have provided a link where I can go watch after the fact.

Comment from Adam Engst

comments@tidbits.com (Adam Engst) — Wed, 22 Aug 2012 19:10:44 EDT

Yeah, that's hard. :-) We already had Rich in Phoenix (Mountain time), me in Ithaca (Eastern time), and Joe in Paris (whatever his European time zone is), and I didn't want to start before 9 AM anywhere in the continental U.S.

Comment from Mark Gibson

comments@tidbits.com (Mark Gibson) — Wed, 22 Aug 2012 18:53:44 EDT

Well probably wont make much difference but a more friendly time for people not in the US might help. :)