cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Using Our Brain (a Reflection on FaceApp and Harry Potter)

Level 17

The summer is full of important dates, from national holidays to family vacations to birthdays and anniversaries big and small.

In a few short days, one such birthday is coming up—an event noted and even celebrated by people across the globe. I’m speaking, of course, about July 31—Harry Potter’s birthday.

In considering the legacy of the Harry Potter stories, there are many lessons for the IT practitioner. Examples include:

  • The importance of robust physical security of our most precious on-premises assets, like data and philosopher’s stones
  • The need for security protocols to detect and trap bugs within the system
  • How a strong core team with diverse skills can help overcome threats both big and small

But one lesson stands out for me, here in the days after news broke about the latest internet fiasco, FaceApp. I’ve written before about the many poor choices made by social media companies and app developers – especially when it comes to security, privacy, and transparency. On a personal note, because of those concerns, I left the Facebook platform completely about a year ago.

With those two things out in the open, I’d like to suggest that, of all the Harry Potter characters, it’s the humble but capable Mr. Weasley who exemplifies both how we got to this point, and how we might make better choices in the future.

As for how we got here: of all the people we meet in the Potterverse, it’s Arthur Weasley who most strongly embraces technology. From his tricked-out Ford Anglia to his willingness to try using “stitches” as part of his recovery from a near-fatal snake bite, Arthur’s enthusiastic openness to innovation and alternative solutions puts him on the cutting edge within the wizard community.

But, as his obsession with collecting plugs (and his fascination with things that run on “eckeltricity,” as he calls it) shows, he often doesn’t fully understand how the technology he’s so captivated by works. I’m sure anyone who has worked on a help desk for more than 15 minutes can tell similar stories.

While this lack of understanding doesn’t lead to any serious consequences for Mr. Weasley—and thankfully, the same can be said for most end users in most organizations on most days—we who work in the IT trenches can certainly see where the dangers lie. And it explains how FaceApp, and similar breaches over the past few years, happen; and keep happening; and happen seemingly overnight (I say “seemingly” because FaceApp itself has existed since 2017 and this was not its first controversy). Like Arthur Weasley, some folks are open to new things, and willing to enthusiastically embrace advances allowing them to live on the cutting edge. But their lack of familiarity with the underlying technology causes them to misunderstand the risks.

And all of this leads up to why I think it’s so wonderfully ironic for Mr. Weasley himself to give the simple, yet effective lesson on how to keep our digital lives safe in these uncertain times.

“What have I always told you? Never trust anything that can think for itself if you can’t see where it keeps its brain?”

J.K. Rowling, Harry Potter and the Chamber of Secrets

After discovering how his daughter has been pouring out her heart (and, it turns out, her life essence) all year to a sentient diary possessed by an evil wizard, Mr. Weasley offers up the commonsense rule we all should keep in mind when considering installing a shiny new app; clicking the funny online survey to see which type of dog you are; or tapping the mesmerizing button offering a download of the movie not yet out of theaters.

It’s why understanding where “it” keeps its brain—whether the “it” in question is an app or website or vendor—is so important. As we saw with Cambridge Analytica; Google listening to audio recorded by Google Home devices; weather apps selling user data to the highest bidder; a Facebook API bug exposed photos of 6.8 million users;  and now this latest issue with FaceApp, there is no reason to expect the industry to finally step up and be more careful.

For those reading this and fretting over whether it’s too much to ask simple end users to become expert technologists, I would underscore how the FaceApp issue wasn’t even where or how the data—the “brain”–was being kept. It was in the terms of service.

What I’m talking about is more than another case of the adage “if it seems too good to be true, it probably is.” It’s also the reality that (as another adage goes) “If you’re not paying for it, you’re not the customer, you’re the product.”

So, even if the end user can’t determine where it keeps its brain, we must always remember we know where WE keep OUR brain, and we should use it conscientiously before adding the next shiny new eckeltricity plug app, to our collection.

21 Comments
Level 12

I left Facebook more than five years ago since it was a distraction in my life. I've never regretted it.

Level 12

Who else rolls their eyes when a Facebook user talks about privacy?

Zuckerberg has openly expressed opposition to the idea of privacy and, in accordance with his beliefs, there have been a few incidents where Facebook "accidentally" reset privcy on uers accounts ot make everything open.

But Zuckerberg is a prime example of hypocrisy, as he very strongly protects his own privacy even to the point of buying properties adjacent to his home for a bigger privacy buffer around his house.

Level 14

"So, even if the end user can’t determine where it keeps its brain, we must always remember we know where WE keep OUR brain................"

One of these days I am going to compile a list of these "Leonisms".  Thanks for writing the article adatole​!

Level 17

Of course, that's not MY -ism. That's pure Arthur Weasley there (or J.K. Rowling, if we want to be more realistic/specific)

But thank you for the compliments either way.

Level 12

Facebook is a useful tool for people to keep in touch with distant friends, and to follow businesses of various types in which we are interested.  The issue with it, as with any other such social interaction tool, is what data you feed into it.  And what control do you have over what other people feed into Facebook?  I've had old pictures of me appear from friends, automatically tagged with my information, so if I'm not on Facebook I won't see and cannot attempt to exercise control over it.

And as great a risk is the data we must give to companies in order to do business.  Everyone who reads this almost certainly has had their detailed very personal information compromised by the likes of Equifax, Target, Capital One, and all the other miscreants.  It is nigh impossible to live a life without interacting electronically with companies, and we have no way to truly guarantee they are following best practices in securing our information.  So we can and should control what we share on social media,

Level 20

I stopped messing with facebook too.  I should delete all the old data too...

Level 13

Excellent post adatole.  Thanks for the reminders.  Love the quotes.

Level 9

I really like “If you’re not paying for it, you’re not the customer, you’re the product.” I'd never heard it put that way before, I'm going to start using it!

Leaving Facebook is one thing.  Leaving the rest of the risks on the Internet that we've determined are worth risking simply for convenience is more challenging.  One might as well stay in Facebook if one also continues to:

  • Use any credit card system
  • Use any "smart" system (Alexa, Siri, IoT-anything)
  • Use a cell phone for anything (including calls or playing music)
  • Invest in any company with any connections to the Internet (through which they'll be hacked / compromised / etc.)
  • Manage any money electronically
  • Vote

It's plain that all of those systems, no matter for entertainment, money management, convenience, and no matter local, state, federal, or international--are all vulnerable to manipulation and compromise by others with different ethics and morals.

I no longer see FB as any more of a problem/risk than trusting any bank or Amazon or Microsoft or big oil or the U.S. Government or any religion or any other government or the power grid or the military.  They seem equally stinky to me.  And many are mandatory for existing in our fully-engaged lifestyles. 

How many people can be supported by unplugging?  When enough do that, what will happen to supply & demand chains, to our food and medicine and clean water?

When we can't trust these entities, how will we trust each other instead?

I trust that when I'm in the right place at the right time with the right bait, I'll catch some fun fish.  And release them to spawn and grow.

And that's all I have to say about that.

MVP
MVP

Nice post

MVP
MVP

"It was in the terms of service." therein lies the problem, people don't read these and just tick the box that they accept them.

Level 11

faceapp?  I do not use facebook - I mock it. Also who is this harry potter guy? I know about the books n movies but never been into that stuff? this one was lost on me - I need to get out more I guess

Level 16

Thanks for the write up!

I don't use Facebook either. I use an old app called BBQ. Whenever I want to chat with friends and family I invite them over to the house and we eat, drink, play games and catch up.

Used the app three times in the past week and it works great! I give it 5 stars. 

Level 15

Enjoyable article.  Adding some of those quotes to my list

I hate how they disguise privacy and all sorts of things or basically don't even try to introduce useful tools to people. I've never thought of a social media platform more devoid of basically any moderation tools, antispam, etc. Instead it's just "anything goes" and "who could've expected such a (Terrible thing) could happen?"

My wife works in the financial industry and she just recently met with a person who is totally without technology.  No cell phone, no email address.  Trouble is that my wife cannot process an account application without an email address (vendors require it).  So now, my wife's client must create an email account in order to get their financial account opened, proving that one cannot completely "unplug" if one wants to co-exist in this post-modern, techno-everything world.  As Messr Schroeder alluded to, simply "unplugging" is not going to stop the juggernaut from rumbling onward.  To paraphrase an even older adage, "As long as there is demand, there will be supply.".

Rick's pondering of

How many people can be supported by unplugging?  When enough do that, what will happen to supply & demand chains, to our food and medicine and clean water?

reminds me of an old "Bloom County" strip from back before Al Gore invented the Internets.

pastedImage_4.png

Binkley's statement is much like someone taking a stand against technology and is a perfect example of, as Steinbeck so eloquently stated, "The Sound And The Fury...signifying nothing,"

Level 13

Thanks for the article.

Level 12

That brings us back to the subject of using our brains.

An amusing yet important test at the new Meadowlands stadium before opening to the public was the simultaneous flushing of all the toilets, simulating the expected action at half-time.  They thereby tested and proved an essential feature for the users of a new system at maximum capacity.

Joe

Ah, "capacity planning": an essential, albeit sometimes messy, part of our very existence.

Level 14

Using anything on the internet is a risk.  It is how we evaluate that risk, and decide how much to risk, that is important.  With Facebook I couldn't see how it could make money just through advertising so I assumed they would be doing something with our data.  That outweighed any possible benefit I could see for me so I gave it a swerve and have never had an account.  That's one decision I don't regret.  If only there was an emoji for a smugface.  

MVP
MVP

The only social organization I belong to is THWACK !!! (ok .. I have a LinkedIn profile .. that is the end of the line though)

About the Author
In my sordid career, I have been an actor, bug exterminator and wild-animal remover (nothing crazy like pumas or wildebeasts. Just skunks and raccoons.), electrician, carpenter, stage-combat instructor, American Sign Language interpreter, and Sunday school teacher. Oh, and I work with computers. Since 1989 (when you got a free copy of Windows 286 on twelve 5¼” floppies when you bought a copy of Excel 1.0) I have worked as a classroom instructor, courseware designer, desktop support tech, server support engineer, and software distribution expert. Then about 14 years ago I got involved with systems monitoring. I've worked with a wide range of tools: Tivoli, Nagios, Patrol, ZenOss, OpenView, SiteScope, and of course SolarWinds. I've designed solutions for companies that were extremely modest (~10 systems) to those that were mind-bogglingly large (250,000 systems in 5,000 locations). During that time, I've had to chance to learn about monitoring all types of systems – routers, switches, load-balancers, and SAN fabric as well as windows, linux, and unix servers running on physical and virtual platforms.