Cycling, Javascript and Saving the Planet

A few weeks ago I bought a basic road bike with the intention of cycling to work. And I’m totally hooked! Addicted maybe? I think I finally get it.

My primary reason for biking to work is to level up the amount of exercise I get in every week, but I’m aware that leaving the car at home has some obvious side effects. By burning less gasoline I’m obviously saving some money and I’m keeping some amount of carbon out of the air.

Meanwhile, I’ve been looking for a good practical way to level up my vue.js skills. So I challenged myself to build a simple tool in vue.js to help me quantify just how much CO2 I’m leaving in the tank and how much money I’m leaving in my wallet.

The result biketoworkcalculator.com

It’s a dead simple tool that allows you to roughly calculate CO2 and dollars you save by riding a bike. Check it out for yourself.

I was actually quite surprised that biking only one day per week would save me around $10 in gasoline over the course of a month.


If you’d like to look at the code or correct my math or whatever, it’s up on github: https://github.com/ohryan/biketoworkcalculator

Oh and if you’re in to cycling, follow me on Strava.

Dev.to: The most Pleasant Online Community.

Earlier this year, the developer centric social network DEV started popping up regularly in the portions of The Internet I frequent. And for the past month or so, I’ve been loading up the home page almost as frequently as Reddit.

The site itself is like some sort of impossible hybrid combination of Twitter, Stackoverflow and Livejournal. They describe themselves as:

Where programmers share ideas and help each other grow. It is an online community for sharing and discovering great ideas, having debates, and making friends.

In function, it’s a blogging platform much like every blogging platform that is come before LiveJournal, blogspot, tumblr, medium, etc. With a markdown-based editor which I assuming is intentionally “programmy” to make developers feel at home.
Unlike blogging platforms that have come before, dev.to allows creators to easily repost via RSS, maintaining a canonical link to you original post! They have no desire to own the intellectual properly.

In substance, it’s much like stackoverflow, crossed with r/programming or hacker news. Somewhat like stackoverflow, developers post questions relevant to every aspect of development (programming, work, metal health, whatever). But also, developers post tutorials, idea, projects, etc like a reddit or hacker news.
Unlike other developer communities, the entire site is an open source project that anybody can contribute to!.

In form, it’s much like Twitter. The homepage is a reverse-chronological-algorithm-sorted feed (based on your interests) of posts, with headlines, hash tags, hearts and cute little avatars of everybody’s faces.
Unlike Twitter, you’re not limited to hearting a post, you can also unicorn it (I don’t know why).

As a whole, DEV manages to be the most diverse and positive communities I’ve been a part member of in a long long time. By diverse, I mean in every way! By positive, I just mean, people are generally nice and pleasant. You can ask a question and not be told “you asked it wrong” (like they would be on stackoverflow), receive 100 snarky sarcastic replies (like Twitter), or “your dum” (like reddit).

Frankly, I’m not sure how they’re pulling it off. Perhaps it’s because the site is so niche. Or maybe it’s because it’s so small (< 200,000 members at the moment, which is tiny), maybe they haven’t reached the tipping point where toxic individuals are able to dominate the conversation. The fact that the founder Ben Halpern seems to be one of the nicest people on The Internet can’t hurt either.


With all the negative press surrounding the big social networks, I’ve been expecting a some venture capital funded behemoth to replace them any day now. In the same way that Facebook killed MySpace or Reddit killed Digg, I assumed there would be a bigger player that destroys Facebook or Twitter.

But now I’m wondering if niche networks like DEV are the way of the future and it will be more of a death by a thousand cuts for the likes of Facebook.

Whatever might be the case, DEV is a welcome return to a kinder, simpler internet and I love it.

I wonder if there are other niche social networks like that I’m missing out on?

What I Learned About The State of Online Creation While Building a Web Comics Feed Aggregator

Web comics were a big part of what I used to like about the old – pre-social-media – Internet. Diesel Sweeties, Penny Arcade, PVP, My Extralife, Nothing Nice to Say, Orneryboy, etc. I’m not sure exactly how it happened, but I just sort of forgot that web comics existed for a good decade plus. Sure some of these classics quit publishing and I think my sense of humour shifted away from others. Whatever the case, it really seems like web comics are back. Or at the very least my interest has been reignited.

Recently in the past month or so, a few really great comics (strange planet, poorly drawn lines to name a couple) have popped on to my radar and I’m all in. Hard.

Now that I’m back in I am bumping into an old problem. There’s not a great centralized location to read everything. In the past I’ve read web comics inside an RSS reader. But RSS readers never felt like the right context, their UI is too ridged, too geared towards written content or something.

Do a search for “web comics reader” and you’re get various websites. Outdated websites from the early days of web comics. You’ll also find webtoons.com, a site that’s taking a good stab at solving this problem. I just don’t like it, it doesn’t feel right for me.


Enter webfunnies.online. The beauty of an open internet is the ability for anyone with some development skills to build their own solution to a problem, just the way they like it.

In the process of looking through dozens of web comics, I discovered some troubling things about the state of online creation.

RSS

RSS still exists as a solid machine-readable way to syndicate arbitrary content.

However creators seem to have forgotten it exists. Less than 50% of the web comics sites I visited advertised and RSS link, even though every one of those made an RSS feed available and published it in the HTML source.

Perhaps this is a moot point since feed readers are good at automatically discovering the

Content Ownership

A large contingent of content owners are publishing original content exclusively to platform like reddit, instagram and patreon. Platforms they don’t own or control. By “exclusively” I don’t mean that they are getting paid to post on those platforms (though in the case of Patreon may be). I just mean that they are posting original artwork directly to those platforms. They simply using those platforms as quick and dirty hosting.

To put in another way, they are giving their intellectual property for free, to for-profit corporations who are using it to sell advertisements.

This does not sit right with me. And I’m not even an artist.

My Thoughts on Facebook and Cambridge Analytica

It has been almost a month since the massive Cambridge Analytica x Facebook improper-user-data-ex-filtration mess (don’t call it a data breach) came to light. The news is settling down despite the real numbers coming out of Facebook and a possible 600,000 Canadians possibly affected.

I’ve been mulling over how I feel about it and I’ve finally come to a conclusion.

As much as I’d like to see this as a catalyst for people to start finding (and building) alternatives to Facebook’s walled garden of exploitation, I don’t think they did anything wrong.


The basic narrative of the Cambridge Analytica story seems to be that Facebook tricked average Americans opting to share all their facebook data with some benign looking app (like a quiz); which in turn gave the app maker further access to the victim’s friends data. Without the victim’s friends’ permission. In other words, if your friends fell for this ploy, Facebook’s API gave the app maker access to your data without your permission.

I don’t believe there is any truth do this assumption. Facebook’s API never granted access to this level of data about friends (let alone friends-of-friends). They are not that stupid.

I was involved in building Facebook app integration during the time that Cambridge Analytica gathered their data, I read Facebook’s Open Graph API documentation numerous times. Unfortunately that version of the API no longer seems to be available online, but I was able to find some old how-to videos referencing it.

As far as I can piece together, the only data about your friends that Facebook ever provided via the API was their full name and user id. Any data about your likes, political affiliation, family connections, marital status, or anything else that could be used for “psychographic” modelling was never available via your friends.

However!

These personal details were available to anyone and everyone via your public profile! Assuming that you hadn’t opted out of sharing this info (and I really doubt most user were giving their privacy details much thought before they learned the name Cambridge Analytica).

In order for Cambridge Analytica and others to mine this data they would have had to write bots to scrape data directly from your public facing profile. In the past, it was very easy to gain access to these profiles in a programmatic way. Anybody could simply load http://facebook.com/profile.php?id= with your ID to see your public profile. Even a non-programmer can see how easy it would be to generate a list of targets for a bot to crawl.

At some point, Facebook started closing this “profile.php” access point as they rolled out username (I’m ohryanca). Once that was locked down, it became more complicated to scrape content and the bad actors became more clever.

I’m pretty sure I’m right

In a blog post yesterday Facebook announced an enormous array of restrictions to their APIs (which are undoubtedly pissing off a lot of sketchy developers). Regarding account recovery, they mentioned the following:

…malicious actors have also abused [account recovery] features to scrape public profile information by submitting phone numbers or email addresses they already have through search and account recovery. Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way. So we have now disabled this feature. We’re also making changes to account recovery to reduce the risk of scraping as well.

Conclusion

As much as I hate to say it, I don’t think Facebook did anything wrong. Their APIs never fed this data to any and every app developer who wanted. Cambridge Analytica and friends had jump through additional hoops. They took actions that were outside of the normal/approved methods Facebook expected and allowed app makers to access our data.

Facebook simply built a reasonable public profile feature meant to allow you to use Facebook as a home on the web. A URL to share outside the platform.

They built a reasonable account recovery feature, that allowed users to recover their logins in standard non-controversial ways.

There is no evidence that Facebook’s APIs allowed access to the type of data Cambridge Analytica took advantage of. They were just outplayed by an opponent who thought of clever ways to get what it needed.

PS

In case the mainstream media has lulled you in to a false sense of whatever; the democrats have this data too (and then some).

Here is footage of Carol Davidsen (VP of political technology at Rentrak) at a conference in 2015 gleefully explaining how the Obama campaign mapped THE ENTIRE SOCIAL GRAPH OF THE UNITED STATES who were on Facebook at the time of the 2012 election. The techniques she describes are strikingly similar to what Cambridge Analytica is accused of.

All your emo are belong to Russia

Remember Livejournal? All your angst posts about poignant Vagrant Records band lyrics? Selfies (before we called them that) of your pixie cut? Or crucial fades? Stupid surveys…  It’s safe to say that it played a major role in my social life as young adult years and I have most fond memories of that place.

I’d always known that Livejournal became super popular in Russia sometime after I stopped frequenting the site regularly. I sort of left it at that, assuming it was one of those quirky Russian internet things. Turns out it might be a lot more sinister.

The latest episode of – the excellent podcast – ReplyAll tells an interesting story of what happened with Livejournal and Russia.

Spoiler alert: nearly 10 years after its purchase by a Russian company, Livejournal’s servers finally relocated to Russian soil. It’s not much of a stretch to assume that the FSB and friends have direct access to any of your old content that might still be living there….