Rebekah Campbell:
As our conversation drifted from an update of my company to a deep discussion about life itself, I asked him what he thought was the secret to success. I expected the standard “never give up” or some other T-shirt slogan, but what he said took me by surprise. “The secret to success in business and in life is to never, ever, ever tell a lie,” he said.
Fantastic read.
When I posted about how I thought adding tagging tools to Keyboard Maestro was going to be a big deal, I hadn’t even used it yet — so here’s my first macro to use them. For me the biggest part is the fact that I can now start to use tags because I can quickly add them, whereas before it was far too much clicking of the mouse to tag files.
Here’s the setup:
And here is the one to remove all tags:
There are currently four options for working with tags:
All in all Keyboard Maestro has fixed the biggest drawback to using tagging instead of folders: mouse management of tags. I think this will getting me using tags a lot more.
UPDATED (on Apr 2, 2014): The macros were updated after the developer told me I was doing it the long way.
Marco Arment recommends moving to FastMail to ease our email privacy woes:
I continue to recommend buying your own domain and pointing it at either your own IMAP server or a dedicated, paid, standard IMAP host. (I’ve used Fastmail for 7 years and have no complaints.)
Eighteen months ago I moved all my email hosting from Google Apps to FastMail. It was becoming clear that Google sometimes kills free services that people rely on. It seemed safer to pay a company that focuses on hosting Email, a company that isn’t distracted by building self-driving refrigerators or deep-sea Internet balloons.
I hate maintaining infrastructure, which ruled out running my own mail server. At the time, the only paid hosts with kudos seemed to be Rackspace and FastMail. Marco Arment recommended FastMail. Nobody recommended Rackspace. I chose FastMail.
Switching from Gmail to FastMail was simple, just a few DNS records to change. ((The only complication was having two domains in one FastMail account, which meant using “personality aliases”. Receiving email from several domains into a single FastMail account is easy but sending from a different personality requires some slightly obscure setup.))
Since switching there’s been no noticeable down-time. Email seems to be delivered promptly and spam filtering seems as good as Gmail.
Is switching from a free email host worth the effort? Does switching for privacy reasons make sense?
There are two big problems with Email privacy, one is identity; how do you know that only the intended people are reading your message? How do you know that the sender of an Email is who they claim to be?
The second problem is that almost all Email is sent over the open Internet in plain-text, which can be read by anybody with access to a server on the path from sender to recipient. Do you trust all of them?
Unless we start building personal trust networks (exchanging and verifying public/private keys) and encrypting our email, then we should probably give up on email privacy. When communicating in plain text over the public Internet we should assume that our messages are being read by third parties.
It doesn’t matter if we self host, pay a dedicated Email host with a simple privacy policy or use a giant advertising-supported technology company’s Email service for free. Email privacy without encryption and trusted, verified identity is an illusion.
Google and Microsoft are big companies with shareholder mouths to feed, and they make money by doing amazing things with data and selling those data to advertisers. I don’t begrudge these business models, but they complicate our provider-consumer relationship because now we’re sandwiched between the advertisers and the email host. Suddenly it’s a love triangle.
We know that advertisers pay handsomely to put their products in front of us. The free-to-use, ad-supported email host knows that the content of Emails allow them to show more relevant ads. That’s a more valuable service to both consumers and advertisers.
But complicated relationships become tiring. What used to be a simple exchange of personal data for services begins to feel creepy.
My relationship with Google reminds me of the sequence in the film Groundhog Day where Phil (Bill Murray) spends many Groundhog days learning everything he possibly can about Rita (Andy MacDowell) in an attempt to get her into bed. By the end of the sequence Phil is trying so hard to impress Rita by using what he’s learnt about her that he comes off as a phony. Instead of making him more effective at selling himself to Rita, Phil’s targeted advertising just makes their interactions feel forced and he seems increasingly desperate and creepy.
FastMail’s business model and privacy policy is simpler. My relationship with them is simpler. FastMail provide email hosting. I pay them money. They only read my email in order to prevent spam and provide a good service, so they say.
To force the Groundhog Day metaphor, my relationship with FastMail feels more like Phil and Rita at the end of the movie, when Phil gives up his incessant data collection and starts using all his time to make other people’s day as great as possible. Rita falls for him because he’s turned into this genuine, cool (freakishly talented) guy.
Can I trust FastMail with my privacy? It’s an Australian legal entity, which is harder for U.S. and U.K. intelligence services to bully. FastMail’s privacy policy says it will turn over my data to law enforcement if ordered by a federal warrant issued by an Australian judge, which is comforting, but in 2013 Telstra proved that at least one Australian company is willing to assist foreign intelligence services without a warrant.
When I emailed FastMail to ask about its history with warrants and whether it discloses requests to customers, director Richard Lovejoy replied:
We receive a very small volume of warrants, and currently I deal with them all personally. They are virtually all connected to ongoing criminal investigations, and often we are prohibited from notifying the user. In the cases that we are allowed to, I would normally send an email to the user concerned.
I can only take FastMail at its word. I’m still sending Email in plain-text and hoping that nothing I write incriminates me or lands me on some government blacklist. The main difference between FastMail and free email services is that FastMail’s entire financial success rests on people trusting it enough to continue paying for email hosting. No company that sends and receives plain-text messages on your behalf can guarantee your privacy but you have a choice. You can date the sincere nice-guy or the creepy, polyamorous show-off.
Brad Smith for Microsoft:
Effective immediately, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property from Microsoft, we will not inspect a customer’s private content ourselves. Instead, we will refer the matter to law enforcement if further action is required.
Finally.
Interesting test of fake broken versus real. It worked better than I thought it would.
One of Michael Lopp’s travel tips:
My travel tip is this: every three months, sit down on the floor of your office, take whatever bags accompany you around the planet, open them, and pour the contents on your floor. From there, you are making two piles: shit you need and shit you think you need. My advice: obvious need is easy, and if there is any question in your mind regarding need, put it in the other pile.
I apply this tip to my bag I carry everyday, and do this about every month. I dump it all out and figure out what is unnecessary crap accumulated in my bag from a one time need. I lose a lot of junk every month, junk which would have otherwise kept accumulating. In fact, one thing that is nice about testing new bags is that I clean things up more often.
It takes me about 10 minutes to dump it all out and put it back together, and I’d still do it if it took me thirty minutes.
Probably the best VPN to use if you don’t really want to have to think about VPNs just got a lot better. I love the new UI, but more than that I think it does a very good job helping people understand their security level in a very basic sense.
Cloak 2 adds brand new one-time passes for when you need the security of Cloak but don’t want a full subscription. We’ve also made a huge price reduction to our Unlimited plan, which now costs just $9.99/month.
Unless you have a VPN already setup, it seems to me this is a no brainer to install and then just use hourly if you don’t think you will ever need it.
This is going to be huge:
Added support for Mavericks Tags.
I can wait for June to fully dive into this, but nothing about what I am seeing is exciting. Where is the collaboration — that’s critical these days and I fear OmniFocus may never add it. What, do they work in isolation?
Matt Gemmell:
I understand that slotting an article into someplace like Medium may be a quick way to get some readers, but using it as your regular outlet seems like a huge mistake to me. If you have enough to say that you want to publish something of substance for a wide audience, your ultimate goal surely has to be to publish it yourself, in your place.
Really interesting thoughts from Gemmell, and while I don’t wholly agree, he makes a strong case.
This is a simply fantastic new whiskey distillery in Seattle. My good buddy and I went and did a tasting (a generous tasting I might add) of all three of their whiskeys and I was genuinely blown away. The Deacon Seat was by far my favorite, but I also got a bottle of the American Single Malt.
Highly recommended.
The Panzer:
Facebook has announced plans to purchase Oculus VR, the company behind the Rift headset, for around $2 billion in cash and stock. This includes $400 million, and 23.1 million Facebook shares. An additional $300 million earnout will be paid in cash and stock if Oculus hits certain unspecified milestones.
Where does this money come from — this is bananas. Facebook sure is starting to feel an awful lot like Yahoo back in its prime.
Great tips and amazing photos. I've always wanted to be in Tokyo for the blossoms, but I've only managed October and January so far. Bucket list for sure.
Michael Maiello:
When the government operates in secret, there is little hope for change. The public can have no opinion about what it doesn’t know. Obama’s proposal is an admission that Snowden was right. It doesn’t make sense to insist that the citizen who prodded his recalcitrant government into action should be punished.
I wrote a little update about the new Dark Sky for The Sweet Setup.
Richard J. Anderson takes a contrary stance about my post the other day, saying:
I’m really not happy about the idea of my government poking through my email either, but I’m not going to blame Google for that. We can address these issues, and educate people about what they’re giving up when they sign up for free email services, without the intolerable air of technological privilege. I suggest people like Ben Brooks try that, before being smug about how secure his ivory tower is.
Anderson is upset with the fact that I have “an intolerable air of arrogance around their idea of self-hosted email”. That’s fun.
For reference, the entirety of my arrogance was:
So, unless you are totally fine with your email being accessible to the government, and the company hosting it, I suggest you go host it yourself.
In fact I would argue the most arrogant part of my post was:
I personally don’t even like emailing people who use Gmail.
That’s an arrogant statement for sure. But I don’t see how I am arrogant because I pointed out the flaws with not self-hosting your email. Even Anderson concedes:
We can address these issues, and educate people about what they’re giving up when they sign up for free email services, without the intolerable air of technological privilege.
Pretty sure all I did was point out the issue. Now, on to his real beef: that it is somehow hard to setup email hosting for yourself. If you can edit HTML, you can setup your own email, and keeping the server patched is dead simple.
Actually the worst part of hosting your own email is the cost of it all.
Don’t take me to task over the idea of technical difficulties, because hosting a Mac mini at macminicolo.net and setting up email is almost trivial work (with millions of easy to follow guides and ready help) — no — take me to task over suggesting everyone buy a Mac mini to host their email on.
I haven’t set up Fastmail ((I’ve asked a buddy to write something about it for me.)) , but I am guessing setting up your own email server and setting up Fastmail is just about the same level of technical skills. That is: DNS changes and clicking things while following instructions.
Using OS X Server to host your emails was the easiest part of setting up the Mac mini server — truly. I don’t know how to do it on linux/unix, but I am sure there are a few guides out there.
Two more things before I let this go:
There is no fool proof email hosting setup, as you are always at the mercy of the person receiving your emails and how they store their end of the chain. There is a real, true, and active risk with hosting with Hotmail and Gmail right now — both companies can turn over your data without telling you, and actively mine your data for their own gain — that’s dangerous if you ask me. The only way around that, the only solution I like, is to host email yourself.
Charlie Savage:
Under the proposal, they said, the N.S.A. would end its systematic collection of data about Americans’ calling habits. The bulk records would stay in the hands of phone companies, which would not be required to retain the data for any longer than they normally would. And the N.S.A. could obtain specific records only with permission from a judge, using a new kind of court order.
I'll believe I when it is law. Until then it's just empty words.
Only $51 with Prime. Nice.
Bruce Schneier:
Okay, so you say that you haven’t provided any data stored outside the US to the NSA under a national security order. Since those national security orders prohibit you from disclosing their existence, would you say anything different if you did receive them? And even if we believe this statement, it implies two questions. Why did you specifically not talk about data stored inside the US? And why did you specifically not talk about providing data under another sort of order?