Press "Enter" to skip to content

Month: January 2017

I’m Out

I think I’m done with social media.

I don’t check Facebook anymore. The app is gone from my phone and the bookmark is gone from my browser favourites. Every one of my “friends” has been unfollowed. In Facebook parlance, that we are still “friends”, but I don’t see any of their posts, likes, and other Facebook activity like article shares.

I held onto the Facebook Messenger app since some friends use that to contact me now and then. I’ll check a lone Facebook group now and then for the Sunday running routes.

On Twitter, I’ve unfollowed pretty much everyone. My timeline consists of TTC notices, and tweets from a few select people and services whose tweets I find interesting. If the TTC provided those notices some other way, I’d probably kick Tweetbot to the curb as well. I’ll see if I still check those updates. I think I probably won’t.

What I used to see on Facebook years ago is vacation photos, some updates on friends lives, a birthday, some pics of a dog or cat, maybe a Dailymile run or two. You know, actual stuff that I’m interested in hearing about so I can get a glimpse into the lives of people I care about.

What I get now is endless shared articles, mostly political, hurled into a vast echo chamber. For years I’ve been carefully pruning my Facebook feed through the “hide all from website” feature. Hide all from BuzzFeed. Hide all from Huffington Post. Hide all from OMG Facts. You get the idea.

It’s become too much. Despite my constant pruning, Facebook insists on showing me article after article about how the world is ending, and how society is breaking down around me.

Do I blame Facebook? No. Because that is literally all it has to show me. That’s all people post these days. See an article, share on Facebook. Comment. Like. Shake head. Rant and rave. #whatever.

Twitter is the same thing.

OMG, this is INSANE! Retweet some celebrity going on about some cause. Someone died. RIP. So sad. Some company gave me bad service. Call them out with “Hey @starbucks…” so everybody knows that Starbucks messed up my latte in some awful way. RT to try to win some contest.

I’ve been guilty of some of this over the years. It’s too easy to just type out 140 characters and send it out into the world without thinking whether a) it needed to be said, or b) anyone either read it, or cared.

I write a blog post, link to it on Twitter, see a few likes, and when I check analytics, it turns out that nobody actually read the post. What’s the point? There isn’t one.

No time to actually read or learn or investigate or come to your own conclusions. Read clickbait headline, retweet and like. Repeat.

The value of these social networks to me has been diminishing and a tipping was reached where I don’t think the value I get out of being a part of it is greater than the cost I’m paying in time and mental health. Ironically it was #BellLetsTalk that really pushed me over the edge and got me thinking about quitting.

I’ll keep my accounts for now, but don’t expect any posts on Facebook or Twitter from me. If you need to reach me, Twitter direct messages aren’t a good way anymore. I’ll be on Signal, iMessage or Facebook Messenger (if you must).

Comments closed

How I Secure My MacBook Pro

Securing a computer is a balancing act. On one hand, if you go for complete security of your data, you’ll be annoyed by repeated password entries and other hassles. On the other hand, if you rid yourself of even a few of those pesky little hassles, it compromises security.

Who cares?

If you wondering why it even matters, think about what you have on your computer right now. I bet you have easy access to your email account(s), photos, probably a year or more of your browsing history and logged in sessions for your online banking, and who knows what else.

Would you hand your computer to a stranger, walk away for an hour and let them dig around? Of course not. Losing it or having it stolen is the same thing except it’s more than an hour, and the person with your laptop is going to be looking for more than your bathroom selfies.

It’s all about balance

I’ve got what I think is a pretty good balance now. Here’s how I’m set up:

I have a good user account password for my MacBook. It’s long, contains things other than lower case letters but it’s still memorable enough that I can type it in if required.

The user account password on a Mac is almost useless if someone gets physical control of your computer as it can be bypassed without much effort. With that in mind, I also have a firmware password set. My firmware password is not the same as my user password, it isn’t very memorable and I store it safely in 1Password in case I ever need to use it.

I also have FileVault full-disk encryption enabled. That means my full hard drive is encrypted and protected from prying eyes, even if someone clones the drive or steals my whole computer.

‘Unattended’ consequences

None of those things do much if I leave my Mac logged in and unattended. To mitigate this risk, I have fairly aggressive screensaver and lock settings. My screensaver starts after one minute and my computer locks five seconds after the screen saver is activated. Closing the lid puts my Mac to sleep and locks it immediately.

For example, if I’m sitting at my desk and don’t interact with my Mac for a minute, the screensaver starts. I have five seconds to flick the trackpad and clear the screensaver before it locks my Mac, requiring the password.

When I leave my desk, my computer is vulnerable for the first minute and five seconds which is probably not the end of the world where I work. I sometimes use the “hot corners” feature of macOS to instantly start the screensaver if I am leaving my desk, or I use Alfred to quickly start it from the keyboard.

The ‘key’ to reducing password entry annoyance

Entering my user password a few dozen times a day is a bit of a pain point, so I invested in a Yubikey 4 USB key. This little device works with macOS Sierra and when it’s plugged in to one of the USB ports on my Mac, the requirement for my user password is reduced to a requirement to enter a 6-digit numeric pin which is quick and easy to type.

1Password

As noted above, I also use 1Password to help keep all my online accounts secure. I have unique, long, unmemorable passwords on every online service I use, and I rely on the 1Password browser extension to log me into the various accounts on my Mac and the 1Password app on my iPhone.

The Yubikey 4 offers some additional convenience for 1Password. While there isn’t the full support I’d like for these type of hardward keys, the Yubikey 4 in particular can store a static password that it will enter on demand by pressing a button on the key.

I have my 1Password password stored in the Yubikey and when the 1Password extension asks for my password, I touch the button on my key for a few seconds and the Yubikey 4 types the password in for me, and hits enter. That allows me to to set the lock delay for 1Password to a much shorter duration as it removes the annoyance of having to type a long password in every time I want to use the extension.

Balance achieved

Overall I’m finding this to be a workable balance. My MacBook Pro is locked and secured behind good passwords when it is unattended. When I do need to log in, the Yubikey makes it much less annoying by lowering the requirement to a PIN.

If my laptop is stolen while closed, I’m covered. The data is encrypted and locked away. My user account is safe. Inside the office, my data is safe from snoopers by enforcing a quick account lock. I never store the Yubikey with my MacBook unless it’s plugged into the USB port. If I leave my MacBook on my desk at the office, I take the Yubikey with me. When my MacBook is in a bag over my shoulder, the Yubikey is in my pocket on a keyring.

Total investment was about $40 USD for the Yubikey, $5USD/month for 1Password Family, and some time getting the various screensaver and lock timings set up.

Comments closed