Saturday, February 23, 2019

The Clouding Out Hypothesis

I finally bit the bullet and bought a new iMac for my home office. Actually, it was an act of necessity as the hard drive on the old machine was failing.  It may have been failing for some time as many things, particularly startup, were very slow.  But the coup de grace was the inability to launch Microsoft Word, which is one of those apps I use quite a lot, though there is kind of a love-hate relationship there.  Like many others, I hate auto-format.  I want to make formatting choices for myself, not have them imposed by the software.  Partly for that reason, I've taken to do much of my writing within the Blogger post box, which still does browser spell check, but otherwise is neutral.  On that score, I prefer it to Word.  But .docx is a standard and people expect to be able to communicate with others using Word documents as file attachments in email.

In the interim where the old machine was failing, then making the purchasing decision, then waiting to receive the new computer and set it up, the work around I used was to take a Word document that somebody had sent me, drag it to Google Drive, and then edit in Google Docs.  It's a funny choice because the university has a contract with Microsoft for Office 365, so I easily could have used their online version of Word and then would have the document stored in OneDrive.  But I didn't do that and now I'm puzzling a bit as to why not.  In this case I'm not sure whether my fears are rational or paranoid, but I don't completely trust any online provider that holds information of mine.  I don't trust Google more than Microsoft, but I've been using Blogger for years and years and Google Drive for quite a while. So, trust or not, that horse has left the barn.  (Live in the Midwest long enough and you start using idioms you have no right to use otherwise.)  It's no big deal to add one or two more documents to a Google Drive account that already has quite a few. Starting a similar relationship with another company, however, and the old fear crops up again. So I took the path of least resistance rather than confront the fear.

But then my desire for convenience trumped the old fear.  I do most of my stuff in a browser these days and I typically use three different browsers, so I can maintain different identities in each.  Firefox has been my main browser for a number of years.  I use it for both my U of Illinois identity and my lanny.arvan Google identity.  (This blog is accessed via that Google identity.)   I use it for the bulk of my transactions.  I then use Chrome for other things, and with a different Google identity, prof.arvan.  And I use Safari, mostly for the volunteer work I do with yet a different Google identity.

I was kind of dreading having to set up all of this on the new computer, when I learned that browsers now have this "sync" capability.  If you log into the browser on a different machine, but with the same account, all the information the browser stores on the first computer is accessed by the other machine.  This is hugely convenient.   I was up and running on the new iMac much faster than I had anticipated.  But it is also extremely frightening.  Do I trust Mozilla to protect the information I have in the browser?  Likewise, do I trust Chrome?

I should note that the University has a contract with Box.com and I've put a fair amount of my content there, some of it for teaching, a bit for sharing pdf files with the rest of the world, and then some for redundancy of content on my home computer.  At the time Box was chosen (previously the campus had a contract with a company called Xythos and ran a service called Netfiles based on that, but the service reached end of life) it seemed a secure alternative with some nice functionality regarding previewing and file sharing.  I don't know what Box's reputation is now, but its entire business is secure file sharing, so the incentives are in line for them to run a trustworthy service, at least a long as they have a good chunk of the market that demands their product. So I'm more comfortable with it, but I really shouldn't use it for non-university function.

With Apple it is a little different.  I have been reluctant to use iCloud, pretty much for the same reason I'm reluctant to use Microsoft's Cloud services, but one reason for me to buy another Mac rather than to switch back to a PC is that I like the application Messages, so I can read and write text messages on the computer.  I prefer that to using the phone.  I don't completely understand the technology at play here, but I gather iCloud must be enabled to make this work. So while I don't store my files in iCloud....

Let me note that software install is now all downloaded from the Cloud and is actually extremely quick.  The entire MS Office Suite was downloaded and installed in under 10 minutes.  We have a pretty good Internet connection.  (I just ran a speed test which reports 260 MB/sec for download and 23 MB/sec for upload.).  Which gets me to the last topic I want to discuss - antivirus and malware protection software.  On the old iMac, after the university cancelled its contract with McAfee, I found an alternative, Sophos, which was free for home use.  I can't tell by usage what is good and what is bad software in this domain, but I can say you could set up a custom scan for an external drive, which I use so liked, and in real time it would tell you the file it was scanning and how many files remained. I later learned that it reports problems when there is a file it can't scan (such as Microsoft DMG files for the installation of Office components).   So I made an account at Sophos and downloaded a free version for my new iMac.  I ran a scan, which worked fine, but a summary of the results were reported on their Web site (in my account).  I found this very frightening.  If they are collecting my scan results in summary form, what else might they be collecting but not telling me about?

So I uninstalled their app - they do provide their own uninstall program - and looked for some other antivirus program I might use.  I did a quick Google search on "antivirus for mac" (without the quotes) and then I made a mistake, probably from being stressed out about this and some other things.  I clicked on an ad listing, rather than the first real listing.  So I ended up buying a product I hadn't heard of before called TotalAV.  It was the number one rated product on the ad site.  But I read a review of it this morning, which thought it mediocre.  Also it said the low price was for the first year only and they auto-renew for the second year at a much higher price.  While that is a concern, my real question is about whether these antivirus companies are harvesting your data without you knowing about it.  What other company do you allow to do a full scan of your device?

And, then, if they are capturing a lot of information about you, does it really matter whether your content is on a local machine or in the Cloud?

“Just because you're paranoid doesn't mean they aren't after you.”
― Joseph Heller, Catch-22

No comments: