Data Product Managers: links

I'm planning a talk and discussion about Data Product Management for tomorrow's MeasureCamp Sydney. Here's my links to further reading.
Always up for a chat about this kind of stuff. Find me on Measure Slack.

Posted

The Unravelling - Nomads Like Us


Last night I popped out to see this short gig, The Unravelling by Melbourne composers Nomads Like Us. The show consisted of a number of short pieces synchronised to visuals on in the background.

I really enjoyed the show. Beautiful music and curious visuals. Musically I'd call the style sountracky?
Posted

How to protect your privacy online: notes for my paranoid friend

I've got a friend who seems to be paralyzed with fear of the tracking happening on the modern Internet. He barely dares turn on a computer. This is someone who was a very early adopter of the Internet, worked for many years building web sites and infrastructure.

This bit of writing will hopefully help my friend assess the risks and take appropriate actions to re-connect with the modern internet safely. It's generally applicable so worth reading to anyone.

How am I the expert?
I've been using the Internet since before the World Wide Web existed and built a career around being an Internet nerd. Building web sites, helping companies get online. Eventually the discipline of web analytics emerged and I got heavily into it. So much so that I started a very successful meetup nearly ten years ago that has grown into a fantastic community of practitioners who run a monthly meetup and an annual unconference.

Tracking peoples' behaviour on the Internet is what I do. I even have a bookmark folder labelled "Evil Tracking" which chronicles mechanisms people have developed to get around security limitations and track in ways you're not supposed to.



Then I got concerned
I never worried too much about all the tracking we were doing. For many years the default for people like me was to track everything you could and worry about how you'd use it later. It wasn't such a huge problem at the time because the technology was too primitive, the data sets too disjointed and no single player really had a thorough enough view of any individual's behaviour to be worrying.

The technology got better, the players consolidated into the now familiar omnipotent FAANGs (Facebook, Apple, Amazon, Netflix and Google) who could see vast portions of your online behaviour. There's a good chance that your behaviour right now is being tracked by some or all of those players. If you're reading this on my site, it's got at least Google Analytics on it.

My friend is right about what's going on: every app you open and web site you visit is tracking you and sending the data to powerful global players. Mostly they do this to target advertising at you with slightly more precision, then measure the impact of that targeting and advertising.

These days I spend a huge amount more time thinking about and taking action on privacy. The last few years I've spent a lot of time with lawyers, privacy experts and ethicists. I've also had a lot to learn about ethics, ethical reasoning, mechanisms to work through the implications of proposals and more general philosophical matters.

Match your action to your level of risk
If you're Edward Snowden, a dissident Uigher, an ambassador or spy, your level of risk is going to be much higher than an ordinary schlub like me. The Snowden leaks of the NSA's Taillored Access Operations show that if you're important enough for the spooks to put in some effort, they can physically intercept your hardware and install basically invisible stuff to monitor everything at the hardware level.

You and I are not those targets. Nobody cares enough to break into our house, open our laptop and solder in an expensive custom minutarized implant to send everything back to Fort Meade, Beijing or Tehran. It's sufficient for us to protect ourselves from the wholesale harvesting of data and not go to the levels of effort you'd need to have to protect yourself from the NSA.

Third-party dragnet tracking is easy to block
I'm not an absolute zealot on this. I run Android. My email and file storage uses Google. I watch a lot of YouTube. I have to be practical. However where I try to keep things under control is the vast range of uncontrolled third-party tracking on the web and in apps. Fortunately it's relatively simple to block the vast majority of this.

What I mean is that if you're visiting somesite.com and it's sending data to creepytracker.com, you can trivially block that and still use somesite.com without any negative impact to you. Needless to say if you go to creepytracker.com's site directly (or Google or Amazon etc), they're going to be able to track you. You have to pick the battles you can take on and the steps I take massively reduce my data exhaust being hoovered up. But I'm not invisible.

Browser and browser settings
The first level of protection is to use a browser that doesn't straight up invade your privacy. Don't use Chrome. Firefox is a good choice, though they're not perfect. They use some mildly dark patterns to trick you into sending telemetry back to their servers by default. Go through the settings and pick the most stringent settings you can work with. Introduce exceptions where you have to and are willing to.

This is your first line of defence.


I don't use Brave, though it's probably not the worst choice. I just don't trust the guy who started it (also responsible for unleashing JavaScript on the world, make of that what you will). The various ways they've been found to do slightly iffy things hasn't filled me with confidence either.

Ad and tracker blocking
Next you want to block ads and tracking pixels. Here we're fortunate that most developers are lazy. The tracking code on the web is loaded from a central location and the tracking data is send to a central location.

Ad blocking extensions in your browser load up blacklists of known tracking endpoints and simply block them. This means faster loading webpages, no ads and importantly no tracking! A better world all around.

Of course there is a cost. Sometimes the ad blocker will interfere with site functionality. If you're willing to tinker, you can often disable just the bits causing problems and continue. In the worst case, you can whitelist a specific site so it runs all its crap. Or open up your browser's Porn Mode, do what you need to do on the offending site, close the window and all the associate cookies and other long-term tracking info is gone.



The best ad blocker is without a doubt UBlock Origin. Just having it loaded with the defaults is a great start. Go through the settings and you can add more stringent blacklists and rules. It also has the cool dropper tool where you can select specific DOM elements in the page to remove. Great for popups and other annoyances.

DNS blocking
Next line of defence is DNS blocking. As most of the trackers and ad crap is centralised, you can block the DNS entries for much of it so it never even loads. This approach captures devices where you can't install your own software, like smart TVs, Internet of Things devices, phones and anything else connected to your local network.

There's a couple of ways to do this:
  • The Pi-hole uses a Raspberry Pi (or other cheap, low power computer) to run a custom DNS server with a range of blacklists on it. It's a great little system and works well, though only on your local network. Apart from the cost of the Raspberry Pi (and you can use one of the older, lower powered ones), it's free.
  • NextDNS is a paid service I use which does much the same but without you having to run a local server. It also allows you to protect your phone and other devices when you're away from your local network. It's really handy and simple to use.

A nice side effect: your ISP's blacklists that block things like The Pirate Bay are avoided because they're also done at the DNS level and you're no longer using their DNS servers.

How about your phone?
Mobile phones are filthy cesspits of tracking. Even if you don't have any apps (which all have tracking software inside), the manufacturers are all tracking you, whether that be Android (Google), iPhone (Apple) or one of the other Android players (Google still gets their data, Samsung, Huawei etc take their own too).

The only option I can offer if you want a phone but are totally uncomfortable with the tracking would be some of the open source options. But they're clunky and you won't have any of the particularly useful apps. Though I suppose you can browse the web and make phone calls.

Some options. I haven't explored this recently.
Of course the browser on your phone should be something like Firefox too, which has some limited ad blocking functionality too.

App telemetry
If you're going to be paranoid, you're going to need to get used to going through any settings on software you're using. The defaults tend to phone home and send telemetry, which you might want to disable.



Avoiding the FAANGs
So you've mostly cleansed your own hardware and software, but what about the services? Well you can still do a lot of things locally the old school way, and there's generally alternatives for any of the particularly problematic applications.

  • Search:
    • DuckDuckGo are a great search engine. Change your browser over to it now. Learn about the shortcuts that will take your search to other search engines for when it doesn't find you what you need. And don't install their apps, you don't need them.
  • Email:
    • Use a local email client and your ISP's mail server
    • Online services Fastmail, Protonmail are probably kosher
  • Maps:
    • It's funny to think how much we've got used to Google Maps. Of course Google's tracking where you go! You could try OpenStreetMap which isn't bad, though their directions routing isn't as good
  • Music:
    • Old school: load mp3s and FLAC files and use a local player
    • BandCamp are a great company, though I bet their apps have third-party tracking
    • The old Logitech Squeezebox music server software is still going strong and now supports a wide range of playback hardware including some cheap devices.
  • Media:
    • Jellyfin is an open source alternative to Plex for playing back video files
Posted

Random albums to mix things up a bit

I've taken to using the "Random Albums" option on my music system to surface music I haven't listened to in ages. It doesn't force you to listen to whatever comes out, that would be painful with the diverse library I have. Instead you can choose from the random albums it throws up.


It's been a fantastic tool for rediscovering great music I haven't listened to in a long time. It's really diversified my listening too, which is something I always try to do to keep out of music ruts..

Current pick I'm loving is the amazing Street Horrrsing by Fuck Buttons, first encountered at the Nick Cave-curated All Tomorrow's Parties festival held on Cockatoo Island in Sydney Harbour back in 2009. That was a mammoth day of incredible music! Still a great album too.

(See also Holy Fuck if you're looking for band t-shirts you can't wear to work.)

Posted

A month without booze

It's March which means my February booze fast is over. I tried a lot of alcohol free beer over February and there were some real gems amongst them.

The real standouts were the Vandestreek Playground IPA, Heaps Normal and the three Upflow brews. These made me not really miss beer at all. I'll be buying more of these!

The Sobah brews were disappointing. The backstory is great and I love the use of bush foods but the brews themselves weren't great. The Pepperberry one is great but I actually tipped out the Lemon Aspen. The finger lime one is okay but nothing special.

The mainstream brews were predictably underwhelming. The ones who get close in that category are the German wheat beer brands.

Sydney is starting to emerge from the restrictions we had over Xmas so there were a few outings in February. We went to a gig last week and then this weekend to a friend's birthday party in a local bar. The gig had Heaps Normal available so that was great. Out at the bar this weekend the bartender made me a really nice alcohol free cocktail with various juices and flavours, and I drank some plain tonic as they were using a good brand.

It's interesting to find I can get by without booze pretty happily though there are things I noticed. A lot of drinking is really giving you something to do with your hands. Without the booze, I ended up drinking quite a bit of water. No real problem but it was interesting to notice. Otherwise you end up drinking a lot of sugar.

Socially there's definitely a lubricating effect from alcohol. I didn't feel as talkative and definitely noticed the people around me loosening up as the night wore on. It's quite interesting observing it without being deep in it. Definitely worth experiencing from time to time anyway.

I've stocked up on a few favourite brews for my return to drinking. Since the whole idea is to cut down on drinking that definitely crept up in COVID-land, I probably won't crack anything open until Friday. Bummer that 1st March is a Monday but it won't hurt me.

So far in the stock is the Balter Hazy which is just brilliant summer quaffing and our closest brewery's best brew, the Sauce Bubble & Squeak. I'd also like to some of the Philter Marrickville Nights which is a brilliant Dark Ale, but I'll have to wander down that way to pick some up. Open to other suggestions.

Booze free beer: Sobah Lemon Aspen Pilsener

Sobah use bush foods as flavourings with mixed results. The Pepperberry isn't bad: an interesting flavour in the mix for a beer. The lemon aspen, not so good. It tasted like toilet cleaner, to be honest. I tipped it out.

Booze free beer: Erdinger Weissbrau Alcoholfrei

When holly was pregnant we drank a bit of this so I bought a bunch more for this booze free spell. It's still good, though now that I've discovered better it's not as amazing.

Styled as a wheat beer, which is very much Erdinger's thing, it's hoppy and flavoursome, very refreshing on a hot day. I still gladly drink this one. Though if I were drinking alcohol I'd go a Schofferhofer in preference.


A gig! EGOISM supported by Ultracrush

Last night Holly, Rachel and I managed to get out for some live music. Amazing after all this time.

The band we saw was local act EGOISM who we've been trying to see for a while. The earlier booking was for a December show that got cancelled with the Northern Beaches outbreak. Finally we got to see them at Mary's Underground, previously known as the famous Sydney venue The Basement.

It was weird going to a gig with all the checkin business for COVID. We were shown to a table and had to stay seated for the whole gig. Deeply weird. But rather civilised. Like a cabaret!

Better yet, Mary's stocks Heaps Normal, my favourite booze free beer.

EGOISM were great. Tightly performed their tracks, were fun with banter between songs. More polished than I'd expected. Their harmonies are really quite something.

Support act Ultracrush were good fun. Started off jingly jangly then went a bit shoegaze. Enjoyable show.


Booze free beer: Heaps Normal Quiet XPA

This is the way. A beer without booze that is no disappointment. It's delicious. Refreshing. Full of body. I'm buying a case!

Only downside: it costs the same as high-end craft beer! $80 case + $10 shipping. Ouch. But it is very good.