Public Service Internet monthly newsletter (Oct 2024)

Your friends will be there for you, your work won't

We live in incredible times with such possibilities that is clear. Although its easily dismissed while seeing Mozilla closing their Mastodon instancethe internet archive no longer allowed to lend ebooks and the endless saga of 23 and me.

To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.

You are seeing aspects of this with coffee pod recycling for realThe possible return of concentrated solar power plants and the formulation of the social web foundation.


Real stories about Facewatch in the UK

Ian thinks: Although put together by big brotherwatch, this video shows the people caught up in the facewatch surveillance in the UK. Its hard to watch but a good reminder of the on going problems.

What does Fish have to do with online privacy?

Ian thinks: Based around the paper written by Barath Raghavan and Bruce Schneier. NBTV, puts the paper into focus through many clear examples and comparisons. Its clear privacy has been misjudged and we are all paying for this.

Cory shouts Disenshittify or die at Defcon24, and in text.

Ian thinks: Cory’s follow up to last years talk, is another great reminder of the horrible state of the market, internet and society. You can’t help but raise a fist to some of points about Spotify, Google, Meta, etc. But the re-examination of the words; if you are not paying for the product you are the product. Is a very important call.

Will you host your data on Lidl’s cloud service?

Ian thinks: Although it sounds ridiculous on first glance, This is an example of the big difference between the EU data space and the Silicon Valley space. There is no way Lidl would even consider this an option outside the EU, but the EU laws makes a somewhat trusted brand viable for this type of pivot.

The importance of friendship, loneliness and vulnerability

Ian thinks: This conversation between Simon Sinek & Trevor Noah strikes a chord with some of the large societal problems. This has so much from  questions about friendship to the importance of cultivating them into something strong and lifelong. Just at a time when loneliness is rising, I felt this a important one to share.

Tokyo creates its own dating app, against the likes of Match

Ian thinks: Match group currently has 50% of the market, but the Japanese government is about to launch their own as the population decline is that serious. Its worth noting Japan has tried many things including paying bars/clubs to put on single nights for the last 10 years, making this decision not something made lightly.

Detecting AI generated like a pro?

Ian thinks: We are all facing a barrage of AI generated images and videos, it is easy to be distracted or be tricked and there is no shame to this. With some of these tips, it will help weed out 90% of the typical AI slop.

Digital legacy a change is due

Ian thinks: Digital legacy is something we rarely think about but really should. There is a number of interesting developments from research into digital legacy to UK justice beta testing digital LPAs. This podcast gives a real sense of the importance of this all.

Grief and digital grief

Ian thinks: Following the previous link, this video from the Guardian, explores both sides of the divide around using AI technology for people who die. Its striking as these homegrown solutions are being commercialised and rolled out with little to no care for the people on both sides


Find the original here and the archive here

Digital legacy the home made version

 

iStorage datAshur PRO 4GB Secure flash USB drive

For a long while since my brush with death, I have been thinking about my digital legacy as most of my stuff is digital. I know its not something most people think about but in the same way most people don’t think about their will till something major happens or its too late.

Digital legacy is in that place right now where there are companies which will do it for you but the trust model seems broken to me. Also they tend to need everything to be in one place/platform rather than the real way people use digital technology today and into the trustless/diy/open future.

With this in mind, I checked out a few different options and the one which came up consistently was Hereditas.

Hereditas, which means inheritance in Latin, is a static website generator that builds fully-trustless digital legacy boxes, where you can store information for your relatives to access in case of your sudden death or disappearance.

For example, you could use this to pass information such as passwords, cryptographic keys, cryptocurrency wallets, sensitive documents, etc.

Herditas is neat and the code is open source allowing anyone to investigate it. But as its alpha software I always felt a bit uneasy about using it for my digital legacy because it felt a bit too barebones (although I did sign up for Auth0).

I looked for alternatives such which also used the method of trustless, zero-knowledge and verification, but found little. So decided to try setting something up myself based on what I already have and use.

It was about the same time the lastpass security breach happened and although I’m not using a online password manager started thinking if there was a way to combine the both in a safe way.

So what did I do?

First I bought these secure USB drives and of course changed the passcode to something long and unique.

Then made a copy of my keepass database (my password manager) on to the USB drive along with my  Letter of wishes, a readme file and other bits and bobs. The database is locked up with a very long and difficult master password. That password is stored inside another online password manager, bitwarden which includes the feature of emergency access. I have already set up family members and close friends using this feature. Meaning only a few selected people can access it once I don’t reject their access request.

Once someone gets access to the bitwarden account, they would still need access to the database file, which is on the secure keys. Then to top that,  keepass has the option of a key file which can look like almost any file including ones on the secure USB stick. Its not elegant but I can’t see many flaws and it works in a simple way which was explained to my family.

I’m still experimenting with this all but been thinking a better option is to use another encrypted filesystem or Certs for the keepass 2nd authentication. Of course that file doesn’t have to even sit on the secure USB drive at all, as I’m considering buying and using more FIDO2 keys and using that instead.

Looking Herditas again, I quite like the idea of a static website on the secure website which could make a better solution that a readme file. It would be great if Herditas could actually run on/offline

Thoughts and comments are welcomed…

Is there a major flaw which I’m missing or is something which could work?

Update Tuesday 24th Jan

There has been some discussion on the fediverse about my post and I wanted to add some more details. Some people have asked why bother and I wanted to address some of them.

The scenario of death is a lot clearer and the death certificate will unlock a lot of things, however its worth noting some EULAs from the likes of dropbox need explicit consent before they will provide access. I’m also using the likes of Google, Facebook, etc’s legacy contact support.

The scenario I alluded to, was when I was in in ICU for 3-4 weeks and my family and friends needed to sort out my life when I was buying a new flat. I was lucky but I could have lost the flat. Yes its unique but a lot can happen when you are temporarily or even permanently out of action. Permanent disability is possible and providing access in a safe way, can make a lot of difference. I also think my thoughts still works in this case too.