For a long time, I resisted. This was partly for privacy reasons (though ironically, one of the people who in the end convinced me to sign up through multiple invites was one of my favorite InfoSec professors), but mostly it was because I didn’t want my information overload problem to get any worse.

Call it my fear of artificially induced A.D.D.

And when an old-school lifelong friend of mine tried to talk me into it, I resisted that too, at least initially. But then, after finding out how much of my high school class was online and knowing my twenty-year reunion was coming up, I succumbed. And as much as aspects of it annoyed me, being able to talk to wonderful people I hadn’t seen in decades was great.

Email requires consciously contacting people. Facebook was like passing people in the hallway and getting a little window on their lives – the choice to comment (or not) was mine. And, to be quite honest, it’s allowed me some RL opportunities that not being on Facebook wouldn’t have (mostly, the chance to see old friends who wouldn’t have known where I was otherwise as they passed through Denver or Munich).

There’s a reason even rational people sell their attention and privacy to Mark Zuckerberg.

That doesn’t make a good idea, but there’s a reason for it.

In this world where we all abandon the villages which would have helped us become adults, raise our children, be families, and grow old together, in some sense, Facebook allows us to reconstruct those villages, if imperfectly. I see my friends’ kids grow from across an ocean, get parenting advice from old friends, laugh with people I love. Especially in my situation, where my meager support system was completely obliterated by moving to another continent and where the language around me isn’t the one I dream in, it’s had particular value.

But… I know better.

Facebook’s sole interest in keeping your information private begins and ends with keeping you around so that they can sell your attention and your data. (This is the same, let’s face it, for any “free” service provider – *ahem* Google *cough*) If the pull of the relationships you’re maintaining is much stronger than your desire to keep your information private – or if the policy is confusing enough that you think your information is private when it isn’t – you’ll stick around, and they can continue doing whatever they do with your data. And given that they change their privacy policies on a daily basis, well, generally, Facebook wins that battle.

I’m a smart girl – I know better – and yet I know I’ll lose touch with some people I adore when I leave.

It’s not their fault – life is incredibly busy, and while you may love browsing the pictures of your high school locker partner when you can do it casually, contacting her directly is work. After a long day of work and kids and commutes and blah blah blah, who needs more work? Sometimes, reading a whole blog post seems like work.

Of course, that’s probably because we’ve all had our attention spans shattered by reading mass quantities of Twitter and Facebook updates. I find myself skimming posts because of it that I would have read before. In fact, I’m going to be shocked if anyone reads this far.

But.

Rationality has to win out eventually. I hope – I sincerely hope – friends will still make contact with me once I’ve deleted my Facebook account tonight. I know lots of folks will try to talk me out of it, but it’s the right thing to do. Call it reallocation of attention and an attempt to control which information Facebook owns about me in the future.

(N.B. Even if Facebook claims (and I don’t know that they even do) to delete all information associated with an account, one would be a fool to believe they actually do.)

Look, as a person, I’m actually not all that private, but I am intensely aware of what I make public when I tweet or post here. But because Facebook feels like you’re having private conversations with your closest 300 friends, you tend to have the private conversations you wouldn’t have on public channels. And Facebook has – and keeps – all of that information.

Not good.

It’s the price you’re paying to chat with your bandmate from senior year.

So: much as I am going to miss contact with friends, I’m deleting my account. I need – and want – to reallocate my attention away from Facebook.

I’m not disappearing from the Internet – I’m not even completely avoiding Short Attention Span Theater (i.e. I’ll still be on Twitter) – but I’m going to delete my Facebook account for good.

So, old pals, if you’ve read this far (or you find this post later) and you still want to find me…

Blog: http://blog.kgrothoff.org
Website: http://kgrothoff.org
Email: krista at kgrothoff dot org
Twitter: @kristamonster

Skype and RL phone calls on request (the latter cost me nothing in a large part of the world), snail mail address available if you email me.

I’ll delete the account late tonight CEST. I have very mixed feelings, but I’ve been threatening to do this for more than a year and never go through with it. No, I don’t think I’m so important that this has a major impact on anyone’s life, but there are some beloved people with whom I have only maintained contact with through Facebook that I don’t want to disappear from without a trace.

N.B. I’m well aware there are other alternatives developing out there – Diaspora, for one. We’ll see. And Twitter has its own issues, but that’s for another post.

What the Hell? The police obviously don’t understand how Tor works or what it is for, in spite of now having some experience with Tor operators, and yet even after being proven wrong again and again they still harass the same guy for various content that supposedly “came from” him.

I don’t blame the guy for shutting down the node – it’s one thing to hang on to an important ideal, but there are only so many lawyers fees and investigations – and so many groundless arrests – one can take before deciding that personal interest is more important than “the greater good”. Of course, I suspect this is what the police intend – if you can’t beat anonymous p2p networks by actual analysis or even shutting them down across the board, you can just scare the crap out of the operators until they cry uncle out of concern for their lives and family.

I might expect this kind of ignorance from our guys over here, but I expected rather more from the Germans…

I wanted to address one of them here, though, because on the off-chance the searcher sees this page again, I have something to say to her.

The search query was this: “How can I keep an eye on what my husband is doing on the computer?”

Now, you may think I’m going to answer her question. It’s a question that, for the majority of non-expert computer users, I could probably answer. All of those years in school have to be good for something, after all.

But no, that is not what I’m going to do. I’m just going to respond to her question.

Let me state upfront that I happen to know, in some detail, the story of a marriage (not my own) where the wife wanted an answer to that very question. Very badly. And she did, in fact, finally get one. Her husband had (probably correctly) assumed she was a novice and wouldn’t know how to observe his activities, but he had also underestimated his wife’s ability to find answers when she didn’t know them herself. So she did find out what he’d been up to. And the answer did not make her very happy.

There are two real possibilities if you’re the one asking the question the search query addresses, though: either 1) you’re paranoid, or 2) your husband is up to something on the computer. You may be surprised to note that neither possibility makes you feel very good about you or your situation. And that should tell you that regardless of whether your husband is up to something or not, there is already a problem that needs to be addressed.

My feeling – and this is not all armchair philosophy here, I promise – is that if you’re asking that question, something is already deeply broken in your marriage. If you need to keep an eye on your husband and invade his privacy to satisfy your curiosity or concerns about what he does when you’re not watching, then there are serious trust issues in the relationship. Either you’re having problems trusting, or you know he’s not trustworthy. Either way, something’s already broken. The evidence isn’t going to make you feel better (custody and alimony battles excepted, I guess), and if you don’t find it, once you’ve entered someone’s private sphere, it’s awfully hard to stop doing it. You got away with it once – what is to stop you from doing it again? The lady I mention above is still, to the best of my knowledge, known to read her husband’s e-mail, and this is several years after they resolved the issues that led to her trolling through his computer files in the first place. Which says to me that there are still issues – they may be issues that both spouses are aware of and are willing to accept in the marriage, but it’s something you really need to consider before you walk down that road.

The questions you should ask yourself is what exactly do you intend to do if you find something you don’t like, and what you do if you don’t find anything. If you find something you don’t like, are you going to leave him? Hold it over his head? Keep it to yourself and beat yourself up with it? You’d better be damned sure you understand the possible consequences of whatever you do. And if you don’t find something, how are you going to feel about yourself? Will you keep looking, using your suspicions to continue to dig deeper into your husband’s private activities? Where does it end? Will you feel deeply guilty for having such suspicions? Or will you feel justified in having done so even if there is nothing to be found? And what if your husband finds out you’re doing it, especially if he’s not doing anything? I guarantee you, he’s going to be pretty pissed off.

Think very carefully about this. For many people, whether they find what they’re looking for or not, the consequence of the slippery slope of privacy invasion is that they can’t stop looking. You should really think of it like reading someone’s diary, though… if you read something that folks would generally consider to be covered under a reasonable expectation of privacy, the first person who has to accept the consequences of what you find is you.

Keep in mind that I’m a strong privacy advocate (and I do see the irony in my addressing a search query that the user probably thought was private… No one ever said I was perfect…). That does not mean, however, that I’m supporting people who cheat on their partners, or folks who are up to illicit activities behind their spouses’ backs. Far from it. I’ve seen a lot of relationships fall apart when the husband or wife decides to fool around with someone on the Internet, although I must say that I have yet to see one in which the relationship wasn’t already broken or headed for disaster before that happened. I can understand, when you know something is deeply wrong in your relationship, the compulsion to find out what’s going on. But don’t blame the Internet – whatever may be going on on the computer is a consequence of what is wrong, not the cause of it. Look at the relationship first. I have a very hard time stomaching folks who say that their online liasons are due to an Internet addiction, rather than the result of something missing or wrong in real life. As I said, I’m not a doctor, but I’ve seen it up close – a lot.

You seriously need to consider your motivations for doing what you’re thinking about doing when you ask yourself how you can see what your spouse/partner is doing on his/her computer, and what that may already say about your marriage. I’m not a doctor, but I’m willing to risk stating with a fair degree of personal certainty that you’d be doing yourself a greater favor by entering marriage counseling and confronting the issues that lead you to suspect your spouse (and confronting your spouse, if that needs to be the case) rather than sneaking around behind his back to get information.

Take the high road on this one. You’ll feel better about it in the end.

The Internet is forever. For those of you who think you can post something stupid – or have something stupid posted about you – and not have it linger somewhere for eternity, don’t bet on it. Trust me on this one. That is not exactly what this is about, though.

You can never bet on being truly anonymous online. This should be obvious, but a lot of people are lulled into a false sense of security by the sheer amount of data on the Internet. It is, I suppose, easy to think “only five people read my blog/online journal/whatever, so what do I have to worry about?” People use false names for the major players in their blog stories and presume that this obfuscation is enough to keep them anonymous, never thinking that context usually provides clues to those in the know. It is amazing what you can get from context, and it’s even more amazing what clues you leave behind when you don’t intend to. Staying anonymous is hard enough when you’re just talking about yourself, but bring other people and places into it, and someday, somewhere, someone is going to figure it out. And never assume that all of your readers are benign, either – there are folks out there who get a big kick out of exposing people and throwing their lives into chaos, and you have no choice about whether or not these folks decide to make an appearance on your virtual doorstep.

This is in large part why I don’t write this blog anonymously. Every time I write something, the specter of whoever in or near my life, current or future, might have the worst reaction to reading it looms over me. Sometimes I ignore it, and sometimes I don’t, but it is always there, and it is always worth keeping in mind.

But self-censorship, in its strictest form, is not healthy either. In fact, I suspect that’s why many people write personal blogs – they’re required to keep so much of who they are and what they think bottled up inside in their daily lives that they simply need an outlet. Writing in a diary/private journal is one thing, but that may simply be transferring whatever is being fenced in in one’s head to being fenced in on paper or disk. Blogging is different – it provides the possibility of discussion without the necessity for it, a forum to express oneself without imposing one’s opinion on others. How many times have you read a blog post that included the phrase, “If you don’t like my blog, don’t read it”, or some such? In such a disconnected world, it is little wonder that so many use it as an outlet for expression. It’s not like it’s possible to get one’s thoughts out in the daily 10 hours at the cubicle farm. And some people just need a creative outlet.

Self-censorship also prevents people from expressing real opinions – and God forbid you have a real opinion in public these days. During the year I worked for The Man ™, I wrote very few blog posts due to the nature of the company I worked for – they were (rightly) obsessed with privacy and confidentiality, so I would never have dreamed of blogging about them, but furthermore, working there, in the current American political climate, implied certain political views which I rather vehemently did not hold, and so keeping my mouth shut publicly about pretty much everything seemed like a good idea. In truth, I doubt it would have had any professional consequences (I knew there were other closet progressives like me, though, so it was hard to really know), but I preferred to play it safe. I did my job well, and I didn’t think the current attitude amongst conservatives of questioning the patriotism of anyone who disagrees with them would have served me well. And so I kept my mouth shut, and within weeks after I left, found myself bursting out of my shell with posts of political outrage, fear, or at least serious annoyance.

Don’t get me wrong – I don’t particularly think anyone has a right to shove their opinions constantly in anyone else’s face, but that most people seem to have lost their voices in the modern world simply means that only those with the biggest mouths are ever heard. It doesn’t bode well for us as a society. In case you haven’t noticed, those with the biggest mouths have, for example, kept us in an unwinnable war, completely let down the armed services, destroyed U.S. foreign relations and respectability abroad, and ruined the planet. And their lackeys shout down anyone who tries to argue with it (just try watching any serious debate on a news show – I’m getting a little sick of conservatives with talking points simply using talking louder than their opponents as a form of reasonable debate).

But losing one’s voice has another consequence – not being able to tell your story to anyone anywhere creates a great sense of identity loss, and this is where it gets complicated. We all have a story to tell, and we find different ways to tell it (or we don’t tell it, and are frustrated by that fact). For some people, the blogosphere has turned out to be a great venue for this – people can argue with you, but they can’t simply talk louder than you to drown you out. People can criticize, but in all honesty, you don’t have to listen to it, and they don’t have to read it. The choice of topics is only limited by what you have on your mind, and you aren’t imposing on anyone if you need to blather a little. (Not that I, for example, would ever blather *ahem*…)

So the real problem is how to express oneself while keeping this lack of anonymity in mind. Some people, myself sometimes included, find themselves blogging to spite this idea that one should always keep one’s opinion to oneself. On the other hand, there is a fine line between telling one’s own story and hurting other people unnecessarily. And that is where it gets tough, because very few of us have stories that don’t have supporting characters. If the consequences of this don’t come immediately to mind, check out what is now the classic cautionary tale for watching your mouth on the Internet if you want to keep your job, Dooce‘s blog. (I have to admit, the blog is a favorite of mine.) When personal relationships get involved, it becomes much trickier. You should really never assume that someone you’re blogging about isn’t going to find what you’ve written, and even if they don’t find it directly, chances are someone they know will. Presume that your friends, your enemies, your family, your in-laws, your ex-bf/gf, your classmates, your fiancé(e), your boss, your boss’s cat, your spouse’s boss’s wife’s cat’s mouse, and of course George W. Bush’s personal reader read your blog. Not that they necessarily do, but make that presumption.

I don’t really in my heart-of-hearts believe most of these folks care about what I have to say, but consider the consequences of being wrong about that.

But this is not enough; consider the consequences of being wrong about who reads your blog, and then decide which of those consequences you can live with. There are always potential consequences anytime you open your mouth, and that’s no excuse to never express yourself. For example, if I mention on my blog that I have an annoying spoiled neighbor who pulls our sprinkler out of our lawn because we might get water near her car, and she reads it, she may egg my house. Am I going to not post because of that possibility? No, I am going to post it, and call the police if I catch her egging my house. On the other hand, if I have a dear friend who is in some sort of insane relationship and I have an opinion about it, this is certainly not the forum where I would choose to discuss that; the very real possibility of hurting someone with whom I have a good relationship and love dearly, even if she has no idea how to use The Google, is certainly not worth expelling my own frustrations in a rant. That would be callous and self-serving, and that’s not OK. (N.B. This is entirely hypothetical – none of my friends are currently in insane relationships that I know about.)

But, and I realize I’m entering treacherous waters with this one, there are people who fall in between, and this is where it gets tough. How exactly do you judge mentioning, however obliquely, a situation which involves someone with whom you have some sort of relationship and who does not, for example, respect your feelings or privacy or desires, but expects you to treat their own as sacred? What about when a friend or family member or colleague who doesn’t permit you to have an opinion in spite of their own dogmatic expert opinions on everyone and everything is somehow involved? It’s certainly questionable to mention them just to “get back at them” for being, for lack of a better word, pains in the ass. But what if that is not, in fact, your purpose? Are you obliged to never refer to the situation? Even if you refrain from mentioning names or roles or anything else that would clearly make the person externally identifiable? Clearly, there’s always the possibility that someone who knows you figures it out from context anyway. And perhaps the situation with that person has gotten to the point where the relationship is only a formality; it’s always very hard to care very much about what someone thinks when they couldn’t care less about what you think, and if there’s no real relationship there, it becomes that much more difficult. If it’s not going to expose that person to ridicule, and it’s not going to get you fired/divorced/jailed, what, exactly, is the right balance between self-expression and self-censorship?

You consider the consequences, of course. And you decide whether or not those consequences are worth it. This is much tougher than it sounds.

For example, I’ve written a bunch of posts which may or may not go live at the end of the month, and one of those posts refers, obliquely, to a class of people who are now rather marginally in my life and who, when they get involved with me, tend to want to take over. Clearly, by the nature of this group, they are not folks who really think I’m entitled to an opinion, and in fact, they tend to make me fairly angry, mostly by tromping on my feelings and expecting me to respect theirs. I’ve finally gotten to the point in my real life where I can stand up to them and tell them what I really think, but is posting about related concerns without really talking about the actual people involved OK? Certainly there will be some of them who will be pissed off if 1) they read it, and 2) they are astute enough to understand that I mean them. I suspect they are; I am not often very subtle. But then I think, “These people are usually pissed off at me anytime I tell them they can’t run my life anyway. When was the last time any of these people was worried about hurting my feelings?”

Now, let me be straight here – I wouldn’t post anything to hurt anyone’s feelings intentionally, and it would be irresponsible not to consider that possibility. The thought that most threatens to trump my resistence to posting, though, is this: Why on Earth should I let anyone who has spent time trying to shut down my opinions for no other reason than to be in control keep me from expressing myself? It feels like giving in to the control-freaks of the world, and I’m sorry, but when it’s my own life, I’m just not willing to do that. I do think that if people are unwilling to hear your opinion, you don’t have a whole lot of responsibility to take theirs into account. But I’m sure there are limits on that too.

So I’m not really sure where the line lies, and that’s the problem with telling one’s own story. There are lots of good things in my life, and a few frustrating and bad ones, and I still pick and choose which of those I want to – and am willing to – talk about. Weighing the consequences, though, is tough, whether or not you’ve made efforts to hide your identity on the Internet, and I think you just have to play it by ear and accept what comes, including when you make mistakes in judgement. There are some really interesting stories which I will probably never tell publicly, because, in spite of the fact that I don’t like the people involved, I don’t think airing personal dirty laundry is a good thing. But the stories that are about me which are impacted by other people, well… that is a much tougher call. My feeling, for the moment, is that you do your best to generalize or deemphasize those people to protect them from others’ criticism, and decide whether or not the message you will inevitably send them, intentional or not, is one you want to send them, even if that’s not the purpose of what you write. In my case, it isn’t the purpose of the post in question at all; my post is about me and something that may happen when such folks get involved in a particular situation. I’m pretty sure that’s my story to tell. That other messages get sent as a by-product, though, frankly doesn’t bother me. I’ve been trying to send those messages for years, using just about everything but singing telegrams

But it is a tough call. I will sit on the post for a while longer and think about it.

I will have to consider the consequences of posting… and, perhaps as important, those of not doing so.

I closed comments at some point because it became clear that there were people who, regardless of how and what I said, thought I was implying that this would somehow keep things private from your ISP. Which is lame, because I’d never say something like that. We simply did this because it annoyed us. It’s not very useful.

Also, I made the mistake of calling Busybox a Linux distro in the original post, which it is not – it’s a toolset which, with a Linux kernel added, for example, is useful on embedded devices. My bad. Correction noted, and thanks. However, leaving a comment on another page because the comments are closed here is itself a wee bit annoying. Please don’t do that. The comments were closed because the post is dead. Thanks.

So today Christian and I were setting up the extended network in our new house here in scenic Denver. I set up the DSL modem just for my computer yesterday, since Christian has no power in his suite of rooms, and noticed that the modem had a “web activity log” utility and thought, grumbling, that we’d have to get around to turning that off, because surely there’s an easy way to turn that off, right? I put it out of my mind and went out to dig holes in the garden.

Now today, we decided to get Christian set up temporarily until his study is ready to go, so we moved everything around, reconfigured the network, and threaded a lot of cords and cables into the room next to my study. When we were going through the modem configuration page to set things up, Christian saw the web activity log, and his head started spinning around. Now, we had no choice of modems when we ordered from Qwest, and I did not look around on the web enough to notice that Actiontec advertises this as a “feature” (you know, so that you can keep an eye on what your kids/husband/dog are doing on the internet). But clearly this is not something we want.

Sorry folks, but the last thing I particularly want is a modem that is keeping track of what I am doing. When I surf the net to satisfy my Bernd das Brot fetish, I don’t think it’s really anyone’s business. More to the point, in these days of creepy surveillance everywhere, I don’t particularly think it’s a good idea to have hardware sold to me by my ISP keeping track of what I do on the internet, even if Qwest was the only major phone company not to sell customer information to the NSA. It’s not like Qwest couldn’t keep track of what we were doing on their own, but this does seem like a suspiciously convenient solution to the problem of ISPs having to store huge amounts of customer data – why not have the customers store it on their own? And let’s tell them it’s a “feature”! They’ll be thrilled.

Neither Christian or I were happy about it, and while we found a few posts on the net complaining about this “service” being available (and not readily removable) to the customer without his or her consent, we found no solutions. Fortunately, the Actiontec GT-701 (and several of their other modems, it seems) is running BusyBox (a tiny little GNU toolkit intended for embedded systems), so you can actually telnet in and do stuff to it. With quite a bit of poking around, Christian found where the activity log hides, and we symlinked it to /dev/null to get rid of it. Worked like a charm! There are no guarantees that they won’t hide it elsewhere if folks start shutting off their logs, but in the meantime, here’s the dummies’ guide to how to get rid of that activity log (the only assumption I make is that you can read and you have access to some sort of a telnet client – there’s nothing hard about this):

First, you’ll need to telnet in to your modem with your administrative username and password. If you don’t remember it, it can be changed from your browser on the modem’s web page under Advanced Utilities > Admin Username & Password. In general, unless you’ve done something fancy, your modem (and its web interface) is at 192.168.0.1. If not, you probably know where it is. Anyway, telnet to wherever it is:

> telnet 192.168.0.1
Trying 192.168.0.1...
Connected to 192.168.0.1.
Escape character is '^]'.

BusyBox on (none) login: youradminusername
Password:

BusyBox v0.61.pre (2006.02.18-05:21+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

#

Ok, so now you’re in. You’ll want to change to the directory where the log is hidden:

# cd /var/tmp

The file you’re looking for is log_web_activity. First, you’ll have to remove the file so that we can make it point to something harmless:

# rm log_web_activity

Now, and this is important, in order to prevent the log from being written to, you need to create a symbolic link from the old file name to /dev/null (if you know nothing about Linux/Unix/whatever, think of it as a lovely black hole to which you’ll be shipping your data). If none of that made any sense to you, fear not. Just type what I tell you to type. Afterwards, that pesky file should disappear for good!

# ln -s /dev/null log_web_activity

Now log out of the modem, and you’re home free:

# exit
Connection closed by foreign host.
>

Edit: Note that you’ll have to do this anytime the router reboots. Since, as Christian kindly notes in the comment below, /var is a partition in RAM (and thus it – and your symlink – get hosed on shutdown) and the startup scripts can’t be edited since they’re all in read-only memory, you can’t do anything about it permanently unless you’re industrious enough to build a new ROM image.

In short, anytime your modem loses power or reboots, you’ll have to go through the steps above again.

That should be it.

Now, I’m not saying there might not be people who might have uses for that activity log, but I just don’t think there’s any good reason for my ISP or the manufacturer to put something like that on my modem by default without asking for permission, and plenty of evil reasons for them to do so. This is bad form by industry, and given that your average Joe is unlikely to take precautions to make the box less accessible from the outside, it seems to me to be a reasonably serious violation of privacy. Or maybe the FBI will start getting subpoenas for web activity logs for all Americans who’ve looked at German websites this week dedicated to grumpy bread-shaped puppets with arms that are way too short because some terrorist had bread for breakfast.

Either way, bad idea, Qwest and Actiontec. Bad idea.

Disclaimer: I’m not affiliated with Qwest or Actiontec. Sometimes I’m barely affiliated with me. I also take no responsibility for your modem breaking, exploding, or calling up the FBI to tell them about your bread-shaped puppet fetish. If you really don’t know what you’re doing, call someone (not me) and ask. Use this information at your own risk.

Edit: Thanks to bluezoo7 for catching my typo in the log path…