Showing all posts tagged facebook:

Be Smart, Use Dumb Devices

The latest news in the world of Things Which Are Too "Smart" For Their Users’ Good is that Facebook have released a new device in their Portal range: a video camera that sits on your TV and lets you make video calls via Facebook Messenger and WhatsApp (which is also owned by Facebook).

This is both a great idea and a terrible one. I am on the record as wanting a webcam for my AppleTV so that I could make FaceTime calls from there:

In fact, I already do the hacky version of this by mirroring my phone’s screen with AirPlay and then propping it up so the camera has an appropriate view.

Why would I do this? One-word answer: kids. The big screen has a better chance of holding their attention, and a camera with a nice wide field of view would be good too, to capture all the action. Getting everyone to sit on the couch or rug in front of the TV is easier than getting everyone to look into a phone (or even iPad). I’m not sure about the feature where the camera tries to follow the speaker; in these sorts of calls, several people are speaking most of the time, so I can see it getting very confused. It works well in boardroom setups where there is a single conversational thread, but even then, most of the good systems I’ve seen use two cameras, so that the view can switch in software rather than waiting for mechanical rotation.

So much for the "good idea" part. The reason it’s a terrible idea in this case is that it’s from Facebook. Nobody in their right mind would want an always-on device from Facebook in their living room, with a camera pointed at their couch, and listening in on the video calls they make. Facebook have shown time and time and time again that they simply cannot be trusted.

An example of why the problem is Facebook itself, rather than any one product or service, is the hardware switch for turning the device’s camera off. The highlight shows if the switch is in the off position, and a LED illuminates… to show that the camera and microphone are off.

Many people have commented that
this setup looks like a classic dark pattern in UX, just implemented in hardware. My personal opinion is that the switch is more interesting as an indicator of Facebook’s corporate attitude to internet services: they are always on, and it’s an anomaly if they are off. In fact, they may even consider the design of this switch to be a positive move towards privacy, by highlighting when the device is in "privacy mode". The worrying aspect is that this design makes privacy an anomaly, a mode that is entered briefly for whatever reason, a bit like Private or Incognito mode in a web browser. If you’re wondering why a reasonable person might be concerned about Facebook’s attitude to user privacy, a quick read of just the "Privacy issues" section of the Wikipedia article on Facebook criticism will probably have you checking your permissions. At a bare minimum, I assume that entering "privacy mode" is itself a tracked event, subject to later analysis…

Trust, But Verify

IoT devices need a high degree of trust anyway because of all the information that they are inherently privy to. Facebook have proven that they will go to any lengths to gather information, including information that was deliberately not shared by users, process it for their own (and their advertising customers’) purposes, and do an utterly inadequate job of protecting it.

The idea of a smart home is attractive, no question – but why do the individual devices need to be smart in their own right? Unnecessary capabilities increase the vulnerability surface for abuse, either by a vendor/operator or by a malicious attacker. Instead, better to focus on devices which have the minimum required functionality to do their job, and no more.

A perfect example of this latter approach is IKEA’s collaboration with Sonos. The Symfonisk speakers are not "smart" in the sense that they have Alexa, Siri, or Google Assistant on board. They also do not connect directly to the Internet or to any one particular service. Instead, they rely on the owner’s smartphone to do all the hard work, whether that is running Spotify or interrogating Alexa. The speaker just plays music.

I would love a simple camera that perched on top of the TV, either as a peripheral to the AppleTV, or extending AirPlay to be able to use video sources as well. However, as long as doing this requires a full device from Facebook1 – or worse, plugging directly into a smart TV2 – I’ll keep on propping my phone up awkwardly and sharing the view to the TV.


  1. Or Google or Amazon – they’re not much better. 

  2. Sure, let my TV watch everything that is displayed and upload it for creepy "analysis".3 

  3. To be clear, I’m not wearing a tinfoil hat over here. I have no problem simply adding a "+1" to the viewer count for The Expanse or whatever, but there’s a lot more that goes on my TV screen: photos of my kids, the content of my video calls, and so on and so forth. I would not be okay with sharing the entire video buffer with unknown third parties. This sort of nonsense is why my TV has never been connected to the WiFi. It went online once, using an Ethernet cable, to get a firmware update – and then I unplugged the cable. 

Once More On Privacy

Facebook is in court yet again over the Cambridge Analytica scandal, and one of their lawyers made a most revealing assertion :

There is no invasion of privacy at all, because there is no privacy

Now on one level, this is literally true. Facebook's lawyer went on to say that:

Facebook was nothing more than a "digital town square" where users voluntarily give up their private information

The issue is a mismatch in expectations. Users have the option to disclose information as fully public, or variously restricted: only to their friends, or to members of certain groups. The fact that something is said in the public street does not mean that the user would be comfortable having it published in a newspaper, especially if they were whispering into a friend’s ear at the time.

Legally, Facebook may well be in the right (IANAL, nor do I play one on the Internet), but in terms of users’ expectations, they are undoubtedly in the wrong. However, for once I do not lay all the blame on Facebook.

Mechanisation and automation are rapidly subverting common-sense expectations in a number of fields, and consequences can be wide-reaching. Privacy is one obvious example, whether it is Facebook’s or Google’s analysis of our supposedly private conversations, or facial recognition in public places.

For an example of the reaction to the deployment of these technologies, the city of San Francisco, generally expected to be an early adopter of technological solutions, recently banned the use of facial recognition technology. While the benefits for law enforcement of ubiquitous automated facial recognition are obvious, the adoption of this technology also subverts long-standing expectations of privacy – even in undoubtedly public spaces. While it is true that I can be seen and possibly recognised by anyone who is in the street at the same time as me, the human expectation is that I am not creating a permanent, searchable record of my presence in the street at that time, nor that such a record would be widely available.

To make the example concrete, let’s talk for a moment about numberplate recognition. Cars and other motor vehicles have number plates to make them recognisable, including for law enforcement purposes. As technology developed, automated reading of license plates became possible, and is now widely adopted for speed limit enforcement. Around here things have gone a step further, with average speeds measured over long distances.

Who could object to enforcing the law?

The problem with automated enforcement is that it is only as good as it is programmed to be. It is true that hardly anybody breaks the speed limit on the monitored stretches of motorway any more – or at least, not more than once. However, there are also a number of negative consequences. Lane discipline has fallen entirely by the wayside since the automated systems were introduced, with slow vehicles cruising in the middle or even outside lanes, with empty lanes on the inside. The automated enforcement has also removed any pressure to consider what is an appropriate speed for the conditions, with many drivers continuing to drive at or near the speed limit even in weather or traffic conditions where that speed is totally unsafe. Finally, there is no recognition that, at 4am with nobody on the roads, there is no need to enforce the same speed limit that applies at rush hour.

Human-powered on-the-spot enforcement – the traffic cop flagging down individual motorists – had the option to modulate the law, turning a blind eye to safe speed and punishing driving that might be inside the speed limit but unsafe in other ways. Instead, automated enforcement is dumb (it is, after all, binary) and only considers the single metric it was designed to consider.

There are of course any number of problems with a human-powered approach as well; members of ethnic or social minorities all have stories involving the police looking for something – anything – to book them for. I’m a straight white cis-het guy, and still once managed to fall foul of the proverbial bored cops, who took my entire car apart looking for drugs (that weren’t there) and then left me by the side of the road to put everything back together. However, automated enforcement makes all of these problems worse.

Facial recognition has documented issues with accuracy when it comes to ethnic minorities and women – basically anyone but the white male programmers who created the systems. If police start relying on such systems, people are going to have serious difficulties trying to prove that they are not the person in the WANTED poster – because the computer says they are a match. And that’s if they don’t just get gunned down, of course.

It is notoriously hard to opt out of these systems when they are used for advertising, but when they are used for law enforcement, it becomes entirely impossible to opt out, as a London man found when he was arrested for covering his face during a facial recognition trial on public streets. A faulty system is even worse than a functional one, as its failure modes are unpredictable.

Systems rely on data, and data storage is also problematic. I recently had to get a government-issued electronic ID. Normally this should be a simple online application, but I kept getting weird errors, so I went to the office with my (physical) ID instead. There, we realised that the problem was with my place of birth. I was born in what was then Strathclyde, but this is no longer an option in up-to-date systems, since the region was abolished in 1996. However, different databases were disagreeing, and we were unable to move forward. In the end, the official effectively helped me to lie to the computer, picking an acceptable jurisdiction in order to move forwards in the process – and thereby of course creating even more inaccuracies and inconsistency. So much for "the computer is always right"… Remember, kids: Garbage In, Garbage Out!

What, Me Worry?

The final argument comes down, as it always does with privacy, to the objection that "there’s nothing to fear if you haven’t done anything wrong". Leaving aside the issues we just discussed around the possibility of running into problems even when you really haven’t done anything wrong, the issue is with the definition of "wrong". Social change is often driven by movement in the grey areas of the law, as well as selective enforcement of those laws. First gay sex is criminalised, so underground gay communities spring up. Then attitudes change, but the laws are still on the books; they just aren’t enforced. Finally the law catches up. If algorithms actually are watching all of our activity and are able to infer when we might be doing something that’s frowned upon by some1, that changes the dynamic very significantly, in ways which we have not properly considered as a society.

And that’s without even considering where else these technologies might be applied, beyond our pleasant Western bubble. What about China, busy turning Xinjiang into an open-air prison for the Uyghur minority? Or "Saudi" Arabia, distributing smartphone apps to enable husbands to deny their wives permission to travel?

Expectations of privacy are being subverted by scale and automation, without a real conversation about what that means. Advertisers and the government stick to the letter of the law, but there is no recognition of the material difference between surveillance that is human-powered, and what happens when the same surveillance is automated.


Photo by Glen Carrie and Bryan Hansonvia Unsplash


  1. And remember, the algorithms may not even be analysing your own data, which you carefully secured and locked down. They may have access to data for one of your friends or acquaintances, and then the algorithm spots a correlation in patterns of communication, and associates you with them. Congratulations, you now have a shadow profile. And what if you are just really unlucky in your choice of local boozer, so now the government thinks you are affiliated with the IRA offshoot du jour, when all you were after was a decent pint of Guinness? 

How Much Trouble Is Facebook In?

Users (including me) are deleting Facebook, but FB reports no drop in active users. What gives?

It’s not just Bloomberg, either; a survey published in Forbes claims that More Than 1 in 4 Americans Have Deleted Facebook. I’m not American, nor do I play one on TV, but I deleted the FB app from all my devices a while ago. I still have my account, but I went from checking it multiple times per day to glancing at it once every couple of weeks. Informally, I speak to lots of people who have done the same thing.

Once again, what gives?

Counting And Overcounting

There is nothing surprising here: any action is enough for FB to count you as active, so they can claim with a straight face that even someone like me is still "active" for purposes of their statistics – and the rates they can charge advertisers.

Remember when Facebook inflated video viewing stats for two years? Good times, good times. Turned out, they were counting anything over three seconds as if you had viewed the whole thing. The only problem is, it might take you that long to figure out how to dismiss the annoying thing.

Unsurprisingly, advertisers who had been paying through the nose for those video ad placements were not best pleased, especially as the scale of the over-counting became clear:

Ad buying agency Publicis Media was told by Facebook that the earlier counting method likely overestimated average time spent watching videos by between 60% and 80%

On A Mission

Facebook take their mission extremely seriously. Currently it says this:

Give people the power to build community and bring the world closer together.

The old formulation was perhaps clearer:

To give people the power to share and make the world more open and connected.

Either way, the Rohingya in Burma1, to cite just one example, might have preferred if people had not shared libels and built communities around hunting them down and ejecting them from their villages.

Facebook, however, in dogged pursuit of this ideal, builds and maintains so-called shadow profiles, even for users who had the foresight never to sign up for Facebook. These profiles are built up by using various tracking mechanisms that follow users around the Web – famously, the Like button, although supposedly that has now been defanged. One also suspects a certain amount of information sharing between Facebook’s various properties, notably Instagram and WhatsApp.

The AOL Of Our Century

The bottom line is, you’re not getting out of Facebook that easily, if only because of the famous truism of the ad-funded web: "if you’re not paying for it, you’re the product". With Facebook, as with all social media sites, that is true in a very literal sense. What they are selling to their advertisers is exposure to the greatest number of eyeballs, ideally filtered according to certain characteristics. If the pool starts shrinking, their opportunity to make money off advertisers shrinks commensurately. If people start seriously messing with the stats, for instance by using tools like fuzzify.me, such that the filters no longer return groupings of users that are attractive to advertisers, that will also be a problem. Any drop in Daily or Monthly Active Users (DAU and MAU) would be a much more immediate threat, though, and that is why as long as users check Facebook even occasionally, there will never be a serious drop in usage reported – right up until the day the whole thing dies unceremoniously in a corner.


  1. I refuse to call it Myanmar. 

Needy Much, Facebook?

This notification was on my iPad:

A HUNDRED messages? Okay, maybe something blew up. I’ve not been looking at Facebook for a while, but I’ve been reluctant to delete my account entirely because it’s the only way I keep in touch with a whole bunch of people. Maybe something happened?

I open the app, and I’m greeted with this:

Yeah, no notifications whatsoever inside the app.

Facebook is now actively lying to get its Daily Active Users count up. Keep this sort of thing in mind when they quote such-and-such a number of users.

To Facebook, user engagement stats are life itself. If they ever start to slide seriously, their business is toast. Remember in 2016, when Facebook was sued over inflated video ad metrics? Basically, if you scrolled past a video ad in your feed, that still counted as a “view", resulting in viewer counts that were inflated by 80%.

Earlier this year, Facebook had its first loss in daily active users in the US and Canada. They are still growing elsewhere, but not without consequences, as the New York Times reports in a hard-hitting piece entitled Where Countries Are Tinderboxes and Facebook Is a Match.

At this point, I imagine anyone still working for Facebook is not nearly as forward with that fact at dinner parties or in bars, instead offering the sort of generic “yeah, I work in IT" non-answer that back-office staff at porn sites are used to giving.

This Is Where We Are, July 2017 Edition

A quick review of the status of the Big Three1 social networks as of right now.

It seems Facebook is testing ads in Messenger now, which is an incredibly wrong-headed idea:

Messenger isn’t really a “free time" experience the way Facebook proper is — you use the former with purpose, the latter idly. Advertisements must cater to that, just like anywhere else in the world: you don’t see the same ads on subway walls (where you have to sit and stare) as on billboards (where you have two or three seconds max and your attention is elsewhere).

I always hated Messenger anyway, just out of reflex because they had felt the need to split it off into a separate app. In fact, I kept using Paper until Facebook finally broke it, in no small part because it kept everything together in one app. It also looked good, as opposed to the hot mess of FB’s default apps.

Between that and the “Moments" rubbish junking up the top of every one of the FB apps, I am actively discouraged from using them. At this point I pretty much only open FB if I have a notification from there.

Meanwhile, Twitter is continuing on its slow death spiral. It is finally becoming what it was always described as: a “micro-blogging" platform. People write 100-tweet threads instead of just one blog post, and this is so prevalent that there are tools out there that will go and assemble these threads in one place for ease of reading.

It’s got to the point that I read Twitter (and a ton of blogs via RSS, because I’m old-school that way), but most of my actual interaction these days is via LinkedIn. I even had a post go viral over there - 7000-odd views and more than a hundred likes, at time of writing.

So this is where we are, right now in July 2017: Twitter for ephemeral narcissism, Facebook for interacting with (or avoiding) the same people you deal with day to day, and LinkedIn for actually getting things done.

See you out there.

Photo by Osman Rana on Unsplash


  1. I don’t Instagram, I’m too old for Tumblr, and - oh sorry Snapchat, didn’t see you down there

Privacy? on the Internet?

Periodically something happens that gets everyone very worked up about privacy online. Of course anyone who has ever administered a mail server has to leave the room when that conversation starts, because our mocking laughter apparently upsets people.1

The latest outrage is that Facebook has apparently been messing with people's feeds. No, I don't mean the stuff about filtering out updates from pages that aren't paying for placement.

No, I don't mean the auto-playing videos either. Yes, they annoy me too.

No, it seems that Facebook manipulated the posts that showed up in certain users' feeds, sending them more negative information to see whether this would affect their mood - as revealed, naturally, through their Facebook postings.

Now, it has long been a truism that online, and especially when it comes to Facebook, privacy is dead. The simplistic response is of course "if you wanted it to be a secret, then why did you share it on Facebook?". This is, of course, a valid point as far as it goes. The problem is that the early assumptions about Facebook no longer hold true.

Time was, Facebook knew about what you did on Facebook, but once you left the site, you were free to get up to things you might not want to share with everybody. Then those "Like" buttons started proliferating everywhere. Brands and website operators wanted to garner "likes" from users to prove their popularity, or at least the effectiveness of their latest marketing gimmick ("like our site for the chance to win an iPad!").

It turns out that on top of tracking what you actually "like", Facebook can track any page you look at that has a Like button embedded. Given that the things are absolutely everywhere, that gives them probably the most complete picture of any ad network out there.

Then Facebook changed their news delivery options. It used to be that "liking" a page meant that you would see all their updates. Now, it means that about 2% of the people who "like" the page see the updates - unless the page operators choose to pay to amplify their reach... Note that these pages do not necessarily belong to brands and advertisers. If your old school has a page that you "like", in the expectation that you will now receive their updates, you're out of luck. Guess you'd better arrange a fundraiser at your next reunion to gather cash to pay Facebook. On the plus side, you have a built-in excuse for poor attendance at the reunion: "ah, I guess they were in the 98% that Facebook didn't deliver the notifications to".

And now Facebook have gone whole-hog, not just preventing information from reaching users' feeds, but actively changing the contents of the users' feeds - in the name of Science, sure.

This is far beyond what people think they have signed up for. There is a big difference between being tracked on Facebook, and being tracked by Facebook, everywhere you go. The difference is not just moral, but commercial. After all, tracking users across multiple websites has been standard operating procedure for ad networks for a long time now. If you've ever shopped online for something and then seen nothing but ads for that one thing for a month thereafter, you have experienced this first-hand. It's mildly creepy, but at this point everyone is pretty well inured to this level of tracking.

Being tracked by ad networks is different from being tracked by Facebook in one very important way. So far, nobody seems to have figured out a good way to make money with content on the internet. A few people do okay with subscriptions, but it tends to be a niche thing. Otherwise, pretty much everything is ad-funded in some way. Now, banner ads can be annoying, and the tracking can get creepy, but at least the money from the ad impressions is going to the site operator, who provides the content that keeps us all coming back.

The "like" button subverts this mechanism, because it's just as creepy and Big-Brotherish, but none of the money goes to the site's operator. All the money and data go only to Facebook, who are even now trying to figure out how to modify your feed to make you want to buy things. Making you feel bad was only step 1, but not everyone goes straight to retail therapy as a remedy. Step 2 is hacking our exocortices (hosted on Facebook) to manipulate the "buy now!" instinct directly.

If you enjoyed this article, please like it on Facebook.


  1. If you don't know what I'm talking about, let's just say I really, really know what I'm talking about when I say you shouldn't send credit card numbers in the clear, and leave it at that. 

Are you KIDDING ME?

all the trigger warnings

There is a Facebook page entitled "Elliot Rodger is an American hero" (no link, but you can find it easily enough). Facebook offers the ability to report pages that are harassing, so that's what I did - and look what their response is!

Apparently this page does not violate Facebook's Community Standards. These would be the same standards that get people in trouble for posting pictures of mothers breastfeeding, or the kids' bath time.

To quote from those Community Standards:

Facebook does not permit hate speech
, but distinguishes between serious and humorous speech. While we encourage you to challenge ideas, institutions, events, and practices, we do not permit individuals or groups to attack others based on their race, ethnicity, national origin, religion, sex, gender, sexual orientation, disability or medical condition.

I would say this is pretty obviously hate speech and not humorous in the least. Look, this isn't 4chan. I have no doubt there are already one million animated gifs of kawaii kittens acting out Elliot Rodger's shooting spree, complete with "Never gonna give you up" on the soundtrack, but that's expected over there. If you have no rules, that's what happens - but if you set rules, guess what? People expect you to enforce them, universally and fairly.

This isn't quite my "boycott Facebook" moment, but it's one more broken thread in the string that's holding me there.

Jumping the fence

Facebook just released their new iPhone client, an app called Paper. It’s quite nice, and gets good reviews.

Bit of a jerk move on the name, mind.

If you are in the US, you can just download Facebook Paper, but if you’re in the rest of the world, you’re out of luck.

Or are you?

There are a few different unofficial ways to get apps onto an iPhone, bypassing these sorts of geographical restrictions: sideloading, changing the country on your existing iTunes account, or creating a whole new Apple ID from scratch.1

Sideloading

Sideloading2 means that you install the app from your computer, but without going through iTunes. You will need to have access to the actual app file, so you will need a co-conspirator in the US to get you the app. Your confederate can find these as .ipa files in the iTunes Media/Mobile Applications subdirectory of their main iTunes directory.

Once you have the relevant .ipa file, you can use the iPhone Configuration Utility3 to load the app onto your phone. Once you’ve done this, the app should behave normally, including for updates.

Changing the country

You can change the country of an existing iTunes account quite easily: open the App Store app, scroll all the way to the bottom of the “Featured" tab, tap on your Apple ID, choose “View Apple ID" in the popup, and tap on “Country/Region" to change to the US store.

HT1311_03--account_settings-002-en.png

There is a pretty big downside to this method: your payment details will be reset, which would not be too bad, except that it also loses any recurring subscriptions you have set up. I have a few that I didn’t want to mess this, so I didn’t follow through, and can’t vouch that this method works.

Creating a new Apple ID

I didn’t want to do this because it seemed like it would be a huge hassle, but it’s actually fairly painless. There is only one wrinkle to be aware of. Apple in their wisdom will not let you create an Apple ID from scratch without setting a means of payment. However, if you sign out from your existing Apple ID, then go to install a free app (such as, oh for instance Facebook Paper), you are prompted to log in with an existing Apple ID or create a new one. If you start the process this way, you will then be able to select “None" for your method of payment.

none+iphone+13+11+16.jpg

You’ll need an e-mail address that you have not previously used with Apple to complete the registration. Once you have done this, finish downloading Facebook Paper, then log out of your US account and log back in as yourself.

Facebook Paper should pick up your existing FB credentials saved in iOS and work normally from this point on.


  1. Well, or move physically to another country, but that’s a bit beyond the scope of this post.  

  2. This is the method I used to load Google+ onto my iPad back when it was iPhone only. Remember when we were all excited about G+? 

  3. This page is not really up to Apple’s usual standards: all-lower-case title for a start, and a confusing mix of version numbers and platforms all jumbled together with no explanation.