Episode 46: Well, actually, we are tracking people

Download: Episode 46.

This week Audrey and I chat about the new selfie feature of Google’s Arts & Culture app; vaporware products, arbitrage, and other strange aspects of global eCommerce; and discuss user consent and the web browser. Enjoy!

Show Notes

Community Announcements

Issue 9: Hard Problems, now shipping!

Our first issue of 2018 focuses on the hard problems we try to solve in our work and our careers. Get it in the shop now.

Now Broadcasting LIVE most Fridays

We broadcast our episode recordings LIVE on most Fridays at 10am PST. Mark your calendars and visit recompilermag.live to tune-in.

We love hearing from you! Feedback, comments, questions…

We’d love hearing from you, so get in touch!

You can leave a comment on this post, tweet to @recompilermag or our host @christi3k, or send an email to podcast@recompilermag.com.

Transcript

CHRISTIE: Hello and welcome to the Recompiler, a feminist hacker podcast where we talk about technology in a fun and playful way. I’m your host, Christie Koehler.

Episode 46. This week, Audrey and I chat about the new selfie feature of Google’s Art & Culture app, vaporware products, arbitrage, and other strange aspects of global e-commerce, and we discuss user consent and web browser. Enjoy.

We are live, January 19, 2018. Recompiler podcast live recording of episode 46. Marching on towards 50, Audrey.

AUDREY: Wow. It looks great. When we started you were like, “I just want to get through our first 50.”

CHRISTIE: Is that what I said? That’s funny.

AUDREY: Yeah. It might have even been first 100 and I was like, “That’s going to take a while.” But yeah.

CHRISTIE: Yeah, because even if we stick to a weekly schedule, 50 is almost a year. And we’re getting better, I think, weekly. But I still get bogged down here and there. So, we got some fun stuff to talk about this week. So, I guess this happened over the weekend, which I also had a really weird thing happen with my phone over the weekend.

AUDREY: Oh yeah. We don’t have enough – I guess we should talk about it a little bit at the end, maybe. Just as a curiosity, your phone.

CHRISTIE: Yeah, so when I could still look at the App Store I noticed that all of a sudden this Google Arts & Culture app was trending. And around the same time, I was seeing people post these, not a montage, but post a photo composite where one side was a selfie of them and another side was clearly a piece of art.

AUDREY: Yeah, I saw a wave of these on Instagram all of a sudden. And I knew I had missed a trend.

CHRISTIE: That’s pretty much my experience all the time. I just notice the trends float by me. Pass me by. Yeah, so what was this, Audrey? Did you try it?

AUDREY: I didn’t try it because it’s funny. I think we probably had a conversation on the podcast about this, not just in person. But at some point with the previous one of these open selfie apps, you had made a really strong point about the data collection that goes on around that. I was like, “Do I really want to train Google to recognize me? I don’t know.” So, I didn’t try it.

CHRISTIE: Yeah, there’s a couple of issues I think we talked about in the context of that one app that made you – it made your selfie a glamour selfie.

AUDREY: Yeah.

CHRISTIE: And I think in that case, the app was also installing device fingerprint code and then sending that somewhere. So, that’s one issue with these things is, “What kind of surveillance is happening with the app?” And if the apps are free, I just assume there’s something like that. And then there’s this issue…

AUDREY: But Google doesn’t need to do that. They already collect so much data.

CHRISTIE: Right, especially since Android. But then, another issue is a lot of these free products, especially from Google, are really – the main purpose I would argue is not them providing this cool, free app to you. It’s that they need a very large user base to train their AI and their neural networks and their machine learning. And that’s what Google Voice was, right? In part?

AUDREY: Yeah, to get the transcription you mean?

CHRISTIE: Mmhmm, yeah. Which was – they bought, what was that company they bought? Grand Central?

AUDREY: Mmhmm.

CHRISTIE: And so, when I saw this I immediately – and I don’t know that anyone’s verified this, but I immediately was like, especially with all the – I just feel like we’ve been hearing a lot about facial recognition. And Apple just rolled out the iPhone 10. Why I can call that 10 and not OS X 10 – oh, I just did it. OS 10. I don’t know. But anyway.

AUDREY: Biometric data and facial recognition data is collected and used all over the place. I saw a passing reference to it on Nextdoor, my favorite thing to complain about again this week. Because somebody was complaining like, “Oh, all these criminals are in our neighborhood,” which just insert an eye roll here. “The city and the county, they aren’t even trying to track people.” And somebody chimed in to say, “Well actually, I work for the contractor that makes the software for some of that biometric collection.” So yes, we are tracking people. When they come in, they get mugshots.

CHRISTIE: Oh, interesting.

AUDREY: Yeah. I don’t know. I saw them and I’m like, “Way to brag during your presumed NDA.” It’s just everywhere, yeah.

CHRISTIE: So, I don’t really know. I don’t know how often Google would need to differentiate a living person’s face from that of artwork. But I presume there’s some use like that.

AUDREY: Well, and they’re already really good with Street View about blurring faces. So, face in general isn’t the issue but maybe some other kind of categorization like clustering.

CHRISTIE: I have to say with Street View, even with that blurring, if you know the person who’s captured you can still recognize them. I know this from personal experience. It’s kind of creepy.

AUDREY: Yeah. When I bought the house, we looked at Street View to see if the previous people were outside. And yeah, in one of the photos you could see one of them out on the front lawn. And by skin tone, hairstyle, all that kind of stuff, you can recognize people.

CHRISTIE: Yeah, if they’re wearing sunglasses or any kind of glasses you can kind of still make that out. Different structures or whatever. The other issue that I started thinking about a lot with these things, and this pertains more to those online quizzes like, “Which Game of Thrones character are you,” or, “Which Buffy the Vampire Slayer character are you,”, “Which Hogwarts house would you belong to?” Those are also collecting data about us. And I still, I can’t remember the term for this, but the, is it sociometrics or something? Anyway, the data that these firms like Cambridge Analytica are collecting where they collect your purchase history and your credit record and your voting history, they also collect social media data including things like these surveys. And they are basically – they help create profiles about you, and the behavior that these AI and these databases think that you will exhibit in given circumstances. So, if you purchase a lot of 7th generation products and drive a Prius and are a certain Game of Thrones character, I’m totally making this up as I go, but…

AUDREY: But you can profile people in a certain way and predict what they might buy, what they might do. Who they might vote for is the thing that everyone’s become a lot more aware of in the last year and a half. Yeah. And I’m realizing as you talk about those surveys, a lot of them won’t give you your answer unless you put in an email address. So, they are actually asking for a token that will make you identifiable.

CHRISTIE: Yeah. So, I guess if you wanted to take those, at the very least open an incognito browser and maybe give them a fake email or a Mailinator email or something.

AUDREY: That’s a lot of work to go to, to find out what Game of Thrones character you are.

CHRISTIE: It is. It is. I usually don’t do those things. Every now and then I have a moment of weakness. Yeah. And then you found some articles about how Google – So, this Arts & Culture app, it’s not a new app. It’s been around since 2016. But that selfie matching feature is new to it. So, that’s why it kind of exploded. At least, I think.

AUDREY: And I haven’t looked at to see where it got posted first or anything like that. Usually, there’s one or two places that picked up on it. And then everyone does.

CHRISTIE: Right. And then everyone installs it and then it’s…

AUDREY: And then it’s all over Instagram and Twitter.

CHRISTIE: Right. But there are two states that they’re not allowing use of the whole app, or just the feature. That part I don’t remember.

AUDREY: Yeah. Shoot, I didn’t leave that part of the article open. Let me quick check.

CHRISTIE: Well this says, “But Google is apparently barring the app feature.”

AUDREY: Okay.

CHRISTIE: “In Illinois and Texas.”

AUDREY: So that they can remain in legal compliance.

CHRISTIE: Yeah. And the articles mention that they’re not – it’s not clear if Google absolutely has to do this but it’s like acting out of an abundance of caution. And to me, it kind of makes sense if Google thinks they might get in hot water in two states. That really, that’s not going to – they’re not – this is, what am I trying to say? The customer is not the customer. The user is not the customer for this app. So, it makes more sense for that.

AUDREY: They’re tacitly acknowledging that the data that they’re collecting does have other uses.

CHRISTIE: Right, yeah. And I don’t think it’s being used outside of the states, because Europe has such better, more privacy respecting laws about this stuff.

AUDREY: Yeah. I wouldn’t have pegged Illinois and Texas as the two places that would have restrictions on the use of biometrics. So, that’s really interesting.

CHRISTIE: Right, because they have some crappy laws in other context, right?

AUDREY: Yeah. It’s not like anything is ever uniform.

CHRISTIE: Right. Yes, Texas does not have employment anti-discrimination laws. I don’t know about Illinois. I forget. Okay.

AUDREY: Well, there was another aspect of this app that people brought up a lot. And that’s about who is represented in those museum collections and who is able to get really relevant and interesting matches.

CHRISTIE: You mean white people?

AUDREY: Yes, predominantly white people. Yeah. And so, for a lot of other people, you might get it and get one option and it’s really pretty racist. And it’s not that – there’s a couple of people I’ve seen online collecting examples of medieval art that do show people of color. That doesn’t mean that that’s necessarily what Google is representing accurately. And we have an article to link to that talks about that a little bit more, that distinction.

CHRISTIE: It says, “But the latest iteration of the Google Arts & Culture app promises,” I love that word, “to scour more than 12,000 museums in over 70 countries to find one’s art doppelganger.” But I don’t know that we know what list that is and what extent of the collections they’re looking at and…

AUDREY: Yeah, some people seen to have gotten reasonable results out of it and some folks didn’t. Yeah, it’s pretty varied.

CHRISTIE: Yeah, we can have a whole podcast on representation in art.

AUDREY: I’m sure somebody does. If there’s the RacistSandwich podcast, then there’s definitely got to be that.

CHRISTIE: There’s a RacistSandwich podcast?

AUDREY: They were local. You didn’t hear about this? It was really cool. Like, food and race and yeah, restaurants, cuisine.

CHRISTIE: I don’t know what else to say about the Google art thing. Anything else with that?

AUDREY: Yeah, I don’t know. It’s interesting. It gives us a chance to have a conversation about some of these aspects. It is unlikely that we’ll know exactly what happens to that data. It’s unlikely that everyone in Google will know exactly what happens to that data. And you know, if it helps people have a conversation about art history, that’s good too.

CHRISTIE: Yeah. I think it’s very likely that very few people know what happens to that data at Google. When I worked at Mozilla we were like, six to eight hundred people and that was already big enough that it was impossible to know what was going on across the whole company.

AUDREY: Right, yeah.

CHRISTIE: And Google is many orders of magnitude more than that. That’s the thing that makes accountability with companies very difficult, among other things.

AUDREY: Yeah.

CHRISTIE: So speaking of accountability, and scale and complexity, you went down this rabbit hole of global e-commerce here.

AUDREY: It was a really serious rabbit hole. I forget. I think I had – so this first article that we’re going to talk about, I think I’d seen it about a week ago. And then at some point over the weekend I realized that I had seen an example that I thought was relevant to this. So, I read through the article again. I looked at the example that I had. I tried to make sense of it. Ended up eventually buying a bag on the internet and starting a sock shop.

CHRISTIE: Okay, alright. So, wow.

AUDREY: This is a lot, yeah.

CHRISTIE: It is a lot.

AUDREY: But I learned so many things in this process.

CHRISTIE: Right, which you tried to catch me up on during our show planning meeting yesterday. And I think I’m still feeling a little stunned. Okay. So, Alexis Madrigal has an article in The Atlantic, ‘The Strange Brands in Your Instagram Feed’. And it says “A new breed of online retailer doesn’t make or even touch products, but they’ve got a few other tricks for turning nothing into money.” And in this article he talks about how he bought a coat, camel hair coat? I don’t know if camel will refer to camel hair or just the color.

AUDREY: I think the color, in this case.

CHRISTIE: And it was from an Instagram ad. And well, he finally got it. And he noticed that it came from China via China Post, I think. And he opened it and he says “The material has the softness of a Las Vegas carpet and the rich sheen of a velour jumpsuit. It was, technically, the item I ordered, only shabbier than I expected in every aspect.”

AUDREY: And he discusses a little bit the branding around these things and how there are a number of these startup clothing and house wares brands that all, they all kind of look alike. I can’t remember if we talked about the online mattress marketing wars on a previous podcast. But, there’s just this really interesting stuff going on around global commerce and branding right now and how we do see those things on Instagram. And it’s hard to know where they fall into this whole sphere of activity. Are you looking at a manufacturer, a retailer, a startup that thinks it’s just going to stretch into that business? Or in this case, are you looking at a really shoddy knock-off?

CHRISTIE: Yeah. It kind of goes back to that New Yorker cartoon. Nobody on the internet knows you’re a dog. We don’t know who we’re buying from.

AUDREY: No, really don’t. And branding is often used to soften that and to – it’s obviously essential if you’re trying to get people to remember what you are. But at the same time there’s – you know like every coffee shop starts to look alike? There are these motifs that can also serve to hide things.

CHRISTIE: Right. Branding can act as a kind of slight of hand to distract you from the fact that this may be a cheap knock-off good. So it says – and the other thing Alexis talks about is the scale of automation that’s involved with this. So, he says, “Shopify serves as the base layer for an emerging ecosystem that solders digital advertising through Facebook onto the world of Asian manufacturers and wholesalers who rep their companies on Alibaba and its foreigner-friendly counterpart, AliExpress.” And then he says “Some Instagram retailers are legit brands with employees and products. Others are simply middlemen for Chinese goods, built in bedrooms, and launched with no capital or inventory. All of them have been pulled into existence by the power of Instagram and Facebook ads combined with a suite of e-commerce tools based around Shopify.”

So, you kind of went down to…

AUDREY: Yeah, there were two directions that I took this. One of them was that because I had seen an Instagram ad, that I realized reading this article was similarly too good to be true. I decided to try to find out if the product – I mean, every time it comes through my feed I look at it and go, “Somebody’s got the best targeting here, because it is so perfectly to my interests.” And so, I decided to try to find out if it was a real product. And by real, I mean one, is it if I buy it, will I receive it? But also, if I buy it, will I receive the thing in the photo? And so, I looked at the comments on the ad post. I looked at the Instagram account in general. One of the things that Alexis Madrigal points out is that when you actually go back and look at the feed that those ads are coming from, sometimes it’s really just a bunch of stock photography or not a lot of things that make it look like a real account in the end.

CHRISTIE: Right. And I have experiences on Amazon, too. Yeah.

AUDREY: Yeah. And so, I went and I looked at that. I looked – I did some reverse image search on the better product photos. And I started to find the same product being advertised on Amazon. And at some point in this I realized that there were the photos that seem to be coming from the manufacturer. And then there were these really great lifestyle photos that everybody was using and everybody was using the same lifestyle photos. And I’m looking at the schematics and the measurements and how the base of the bag was a slightly different width in their official product measurements. And I was really thinking about this. And then finally, through all these searches I found the original company. And all the photos match. And the price point was way higher. And I thought, “Well, this is really great. I still want it.” I emailed them. There was a little thing on their page about knock-offs. And I emailed them. I said “Hey, I think this is how I found you, is through the knock-offs.” And they were like, “Yeah. It’s a problem. We’re really glad that you like our product. But it’s a problem.”

CHRISTIE: So, did you end up ordering it from them?

AUDREY: I did, yeah.

CHRISTIE: Okay. So, you think had you ordered it from one of these other things, you either would have not gotten something or would have gotten a knock-off?

AUDREY: Yeah, and with worse fabric, worse stitching, worse quality. Who knows if the pockets would actually be the same size? Yeah, I wouldn’t have a lot of trust in that in the end. But I would have only paid $12.

CHRISTIE: Right. Do you think that’s partially how this works, is that the price point is to your benefit and when you get the thing and it’s crap, it was an amount such that you’re not really willing to fight about it?

AUDREY: Yeah. I think that’s definitely a part of it. And also, maybe you’re a little embarrassed that you bought a thing off the internet and it wasn’t as good as you thought.

CHRISTIE: Right.

AUDREY: You know, you’re the one that made that choice. One of the Instagram comments I saw, somebody had asked, they’re tagging each other, “Oh, did you buy one of these?” And the other person said, “Yes. But you know that color, that yellow looked really good on the website and it doesn’t look that good in person. So maybe, don’t order the yellow one.”

CHRISTIE: Yeah.

AUDREY: It was like, that’s such an indicator. And I don’t know. I’ve heard about knock-off products for a long time but I’ve never encountered something that tried to educate consumers on this part of it. And I just thought it was really interesting how easy it is to take those original, lifestyle photos, to try to recreate the product. And because these things can proliferate so quickly, it’s not worth the original seller’s time and effort to take those things down. At best, you send a copyright thing out against the photos, right? But you could spend all day doing that and you still have a product to sell.

CHRISTIE: Right, right. And it becomes a game of whack-a-mole that you really can’t keep up with.

AUDREY: Yeah. So, that was one direction that my rabbit hole went. The other direction was around this ecosystem that’s described in the article about Shopify and Facebook advertising and AliExpress and dropshipping. And I started looking around on AliExpress. I’ve heard about Alibaba for a long time and how if you want to buy a cheap lot of computer cables, this is the way to do it. But I never really – you have to spend more time looking at the retailers and trying to figure out what you’re buying. It never seemed easy enough for me. But looking at AliExpress I realized that there’s a category of products on there that I would buy and that I did have enough information about to feel like I would know what I was getting. And because you’re not buying a bulk lot, you really could just get one or two things. And that item is socks. I impulse-buy socks all the time when I see a pair I like.

So, I went through and I made a list of socks, basically. I set up a Shopify account, I went and there’s a dropshipping plugin that’s mentioned that seems to be just by far the most popular one called Oberlo. And you really do just paste in URLs and click and then it puts those things in your shop. And if you want it to not suck you have to spend a little bit more time on it. But that’s kind of the base part of it. And then for the Facebook advertising part, Shopify has this virtual marketing assistant plugin that they offer for free. And it’s called Kit. And you hook up Kit to your Facebook Page and click some buttons for the Facebook ad agreements. And all of a sudden you are running an ad campaign to try to sell your first product.

CHRISTIE: And is that where you pick the keywords or interests to target, stuff like that?

AUDREY: Yeah. But it doesn’t get that detailed. I really got interested in the idea of, what kind of feedback loops are involved here? Because there’s a lot of stuff. So, this kind of dropshipping business can be really big, really lucrative. And there’s a lot of them, which means that there’s a lot of blogs and podcasts and online courses and things like that. And people want to know, how do I pick a product? How do I choose the top sellers? And I started wondering about the feedback loops involved in that kind of selection. And this sort of automated sourcing that goes into it, and also the advertising. But on the advertising side of it, it actually tends to, at least with this plugin and this kind of thing, they’re starting quite broad. You can run your first ads just on everybody who can technically buy your product. And what it’s offering to scale that down is this lookalike matching. So, if you pay $30 and you get your ad in front of however many thousand people and I don’t know, I paid $15 and I got 50 hits on the shop, it can retarget based on the demographics of those people.

CHRISTIE: So, it sort of refines as it goes?

AUDREY: Yeah. And once you have customers especially, Facebook has a way to, I didn’t dig into this too far, but Facebook seems to have a way to basically make matching demographic groups from an existing set. So then yeah, you let it target down, which this goes back to some of that YouTube advertising and content weirdness. And it was putting it in that context that I think kept me looking into this to try to understand how much – like if I put in a seed of an ad for unicorn socks, then how much of what happens two weeks from now is just a measure of how that was pitched and how that was promoted and who clicked on it? Do my ads slowly gravitate towards some other endpoint because of who happens to respond to the first piece and the second piece and so on? And the ad content itself, there’s just a dozen things that randomly gets selected. It’s not very sophisticated but the way things are sold to us is still pretty generic most of the time, unless we’re talking about a luxury brand, like a lifestyle brand that’s put a lot of effort into it. Sometimes, “Look at what I’ve got” is really as far as these things need to go. Like, “Look, I have some things. Would you like one of these?”

CHRISTIE: Right. It’s very much that crap that they put near the registers at grocery stores, or any other kind of retail store. The gum and the cheap USB chargers and the other, the [inaudible].

AUDREY: Yeah. Or your grocery store flyers. How much do you really want them to try to get creative with what they tell you? But there’s a lot of this…

CHRISTIE: Definitely a fan of the Trader Joe’s Fearless Flyer.

AUDREY: Sometimes, sometimes. Sometimes I look at it and I’m just like, “You try so hard.”

CHRISTIE: I don’t think it’s changed in 20 years.

AUDREY: No, probably not. But there’s one more component that enables this. And that’s around the shipping. There is a service called ePacket that’s been around since 2011 where China Post and I think it’s actually HongKong Post, at least the original agreement, and the US Postal Service, they work together through this weird – there’s some kind of international shipping regulation that goes way back about how packages transfer from one country to another through the postal service. But basically, it can be cheaper to ship something from China to an address in the US when it’s within this certain size and weight category.

CHRISTIE: Right, not can be, like pretty much is. I did a little more reading on this because this was the part that I was – that sort of intrigued me the most or what astounded me the most. And there’s an international treaty or union or something that determines international shipping prices. And it was I think developed in 1969. And China is classified – like the US is classified as a tier 1 and China is classified as a tier 3.

AUDREY: And so, that difference means that China charges whatever it does but the US Postal Service can’t charge more to get things from China to here, right? Like it’s controlled, what that price is.

CHRISTIE: Yeah. The price to ship to a country is what this thing’s determined. So, to ship anything to the – I’m sorry. Wait a minute. I’m confusing it. Maybe it’s the origin. Anyway, it means that shipping from China to the US is much cheaper than to ship from the US to China, or even from within the United States. There was this – let me find – they basically said that, “To ship from China to the US is cheaper than to ship from Los Angeles to San Francisco.” So, that’s one part of it. And then the other part of it is this ePacket program which I don’t quite understand the details of. But it’s some deal or reciprocity with the USPS that – let me, do I still have this one thing open?

AUDREY: ePacket’s the part that puts it into practice for these kinds of small shipments like socks.

CHRISTIE: Yeah. And so, it basically – let’s see – you get door to door tracking. And this is this program where the USPS loses a lot of money on it. And I was trying to figure out why they lose so much money. Because I was thinking, “Well, if the package is originating from China, how is the US Postal Service losing money on it?” And here’s, I think I’ve figured some of it out. For one thing, when it comes into the United States, then USPS has to deliver it. And because it costs so little money to ship – well anyway, there’s also it says “Free returns on any undeliverable items.” So, I’m assuming USPS eats some of that cost.

AUDREY: Right. And I think some of that idea of losing money is relative to potential money if it came through a different system and still used the postal service. You know what I mean? I don’t know if it’s a real loss or more like lost potential revenue. [Inaudible] certain assumptions.

CHRISTIE: Yeah. There’s just this one line in this Practical Ecommerce “A U.S. Office of Inspector General report found that the USPS was losing $39 million from ePacket in 2014. It’s a program that…”

AUDREY: And maybe it does cost more to do it than they receive for it.

CHRISTIE: Yeah. That gets to a little detail I don’t quite understand. Yeah so, there’s the treaty or the Universal Postal Union setting the rates and that there’s just disparity between China and the US and then there’s this ePacket thing. And to be clear, I can’t remember if we were – this is the part that I hadn’t really understood before you explained it to me. But that when someone buys something through your Shopify site, and I don’t know if this is automated or you have to copy/paste, but you place the order through AliExpress and it gets sent directly to the original purchaser? Like on a one-to-one basis.

AUDREY: Yeah, and that’s what this plugin does for me. So, it lets me copy the listings from AliExpress to Shopify. But then when the sale is made – oh, and it updates the prices. So, if the price of a pair of socks goes up, it will adjust my price using the markup that I’ve chosen. But then when the sale happens, and nobody’s bought a pair of socks so this is theoretical for me, when the sale happens, I should be able to go back and use the plugin to place that order. And it’ll help me manage the tracking.

CHRISTIE: So, if you listener, listeners, want to participate in this experiment, you can go to, is it NekoSocks.shop?

AUDREY: Yeah, NekoSocks.shop.

CHRISTIE: I’ve been saying that wrong this entire time, probably. It wouldn’t be the first time.

AUDREY: If you buy socks, then I will click a button. There’s a Chrome extension that I’m supposed to use. I’ll click a button. I’ll send the order off to the merchant in AliExpress. And I think most of these are various kinds of wholesalers in China. It’s a little hard to spot who – what’s a designing company, what’s a manufacturer, what’s a wholesaler.

CHRISTIE: You mean, through AliExpress? Those different levels connected

AUDREY: Yeah, and through my lack of cultural knowledge and business knowledge here. I have no idea how these companies are actually structured.

CHRISTIE: So, the old way of doing this before we had Silicon Valley apply its scale to it, was you would have to purchase a lot of goods from China and have them shipped in a container. And then you would have to store them.

AUDREY: Yeah, and they would come on a boat.

CHRISTIE: It would come on a boat, which presumably takes a lot longer. Because the ePacket’s all shipping by air.

AUDREY: Yes.

CHRISTIE: Which is a little stunning to me.

AUDREY: Yeah. So, you can get your things in like, two weeks.

CHRISTIE: And then you would have to store the inventory and have some kind of – you would have to fulfill it yourself or hire a fulfillment company.

AUDREY: Yeah. Although if you’re doing that kind of scale now with these kinds of products, the way people are gravitating toward is using fulfilled by Amazon. And you can potentially have your container sent directly to Amazon’s distribution point.

CHRISTIE: Yeah, Amazon has added a lot of service. Like all the other industries, Amazon wades into their – I don’t know what I’m trying to say – taking over.

AUDREY: Invasion?

CHRISTIE: Yeah, I don’t know so much about the companies that occupied this space before. But my sense is that Amazon has probably taken a lot of their business.

AUDREY: Well, isn’t there some stat that we keep seeing about half of purchases in the US come through Amazon now in some way?

CHRISTIE: That’s astounding.

AUDREY: Amazon Prime has had this, just enormous impact on everything. And we get used to it and get used to using it and don’t think about it anymore. But there’s a lot of kinds of products where I just go straight on Amazon and I look for it there. And reading a lot of these e-commerce blogs actually showed me that I’m losing something with that bias and that there are definitely a lot of companies that take advantage of that.

CHRISTIE: What are you losing with that bias?

AUDREY: Well, I’m not making as informed of a purchase as I thought I was.

CHRISTIE: Gotcha.

AUDREY: Yeah. And there’s a good chance that I’m paying more for certain kinds of goods.

CHRISTIE: It could be worse. You could be shopping on eBay, right?

AUDREY: Yeah. Well, this is a total, just a footnote, but yeah. There’s a whole sub-industry of people who sell stuff on eBay that is actually listed on Amazon. And sometimes, they’re not even the original lister. It’s just another way to buy low, sell high.

CHRISTIE: Right. And they’ve made tools to automate many steps of this.

AUDREY: Oh yeah. For any one of these things, there is some kind of a software tool that will help you do it better.

CHRISTIE: Good times.

AUDREY: Yeah. And I don’t know. This is really, really fascinating. I’m going to poke at it more, especially because I don’t understand the retargeting and the tracking as well as I want to, for the advertising. And some of this, whatever Kit is doing with the Facebook marketing and the sort of approach that that’s taking, I’d like to poke at it more.

CHRISTIE: And Kit’s the thing that Shopify provides.

AUDREY: That Shopify provides, yeah. They send, because we use Shopify for the Recompiler Shop and it integrates really well with a lot of things that we care about normally, I got a ton of email about this Kit thing last year when they launched it. And it’s definitely geared toward a very specific kind of shop. But lucky for me, it’s the kind of shop that this cat sock shop is.

CHRISTIE: It cracks me up because I like to complain about how horrible these tools are to use. But what it’s enabled is a whole third-party ecosystem of tools to use the hard-to-use tools. To abstract some of the complexity of Facebook ad targeting, Shopify makes Kit.

AUDREY: Yeah. And all I had to do was tell Kit that I wanted to make my first sale and that I thought we should target people who like cats. And that was what it needed to go.

CHRISTIE: Alright. Anything else with that strange, wild world of e-commerce?

AUDREY: I’m just checking to see if I – if my ad has sold a sock yet. But I don’t think it has. Well okay, there is one more thing that I want to reference, and that’s this really great write-up called ‘There’s No Such Thing as a Free Watch’ from Jenny O’Dell who looked into a little bit more of this knock-off product ecosystem and the ways that things are sold and marketed, including offering things that look expensive, are actually cheap, for free, with some shipping costs. And how that can produce a certain kind of product.

CHRISTIE: Alright. We’ll link to that. I know I didn’t have time to read that.

AUDREY: I thought it had a lot of the angles that we’ve been talking about in a really, really interesting way.

CHRISTIE: Cool. So, our next topic is this essay by Diana who you said is a Recompiler contributor.

AUDREY: Yeah.

CHRISTIE: Titled ‘Regarding Browsers’ and you referred to it as “JavaScript and consent.” Tell us about this one, Audrey.

AUDREY: Well, this started as a conversation on Mastodon that kind of came out of all of the things that we’ve been saying about Spectre and Meltdown and how JavaScript works in the browser. And Diana had raised some really interesting questions about, “Is this inevitable? Is this something that, a direction that we would have always taken given the way that we use browsers?” And what role different participants have in making that happen, where we have not just JavaScript in the browser but JavaScript in the browser integrated with the system such that it could be exploited. And without the user really having any visibility into that.
And so, what she wrote about here is what it would look like if users were asked, “Do you want to install this thing?” What it would look like if we had a more active role, more active participation in that? And how that would be constructed. And I just thought it was so interesting that it came back to this idea of user consent that I haven’t seen anybody raise. We talk about these kinds of exploits a lot, but we don’t necessarily talk about it from the angle of “You didn’t really even know you were installing software.” It made me think of those shrink-wrap EULAs where you’ve unwrapped the package, so now you agree to the terms of service of the entire thing, that were very legally contentious for a while but I think are quite commonplace for certain products.

CHRISTIE: Yeah, Diana provides a three-point wishlist of, I guess that’s one way to describe it, at the end of the essay. One of the things that really stood out to me about it is solidifying the virtualization. And it says, “JavaScript operates on a parody of a virtual machine.” I just really like that line. It says “We dance around the lack of a filesystem and the absence of proper network interfaces. What if we gave up the lie and just executed remote code in strictly permissioned VMs? If a program needs filesystem access, it needs permission, and it still won’t be the host filesystem. Need the network? Get permission. Want to daemonize? Permission.” It’s much more how our mobile operating systems have come to work. And I think Android is on par with iOS here in that you install an app and then the first time or when you install it – I think, because I’ll be running the app and then I’ll go to include a photo and it’ll say, “Can I have access to the camera” or whatever. And our browsers don’t do that now. Nor really do other desktop apps. But the browser is particularly bad.

AUDREY: Yeah. I think because the browser has this such expansive access. Usually, to access your camera it’ll need to ask at least the first time. But for most other kinds of things that it can do on the system, it just does it.

CHRISTIE: Yeah. Another part of the essay “If you permit an arbitrary program to make network requests (ex: Ajax), it can use your browser to mine *coin,” some kind of cryptocurrency. “If you permit it service workers, it can continue mining even after you’ve closed the tab. With P2P software like IPFS, it can establish a service worker that uses your browser to peer content you may not know about.”

AUDREY: Oh, interesting. Yeah.

CHRISTIE: “This is a wretched state of affairs. Entering a URL does not represent consent to install software.” Yeah, this is a nice, sweet, short essay. I really appreciated this. And it ties in yeah, like you said, to what we’ve been talking about with Spectre and Meltdown and different protocols and things like that.

AUDREY: Like I said, I just really liked how she had centered the user in the conversation. And so much with the security problems and the privacy problems that come out of this stuff, we just tell people to install their patches and cross their fingers. And we – it was just really nice to see somebody envisioning an option that was healthier than that.

CHRISTIE: To me, it really makes me wonder. What would the technology ecosystem look like if more people who already had these sorts of ideas [inaudible] were involved in designing it, too. Alright. I think we’re two favorite things on the internet?

AUDREY: Cool.

CHRISTIE: So, was it this weekend? Yeah, it was Saturday. Saturday, that’s right. So, Saturday Hawaiians had a pretty crappy morning because a civil alert, I don’t know what to call these things, emergency alert?

AUDREY: Yeah.

CHRISTIE: Went out basically saying there was an incoming missile strike, which is pretty horrifying.

AUDREY: Included the line “This is not a drill.”

CHRISTIE: Ballistic Missile threat inbound. It turned out it was an accident. And so, I think what, it took something like 20 minutes for them to issue a clarification?

AUDREY: 40 minutes. People started to hear from their Senators, among other people online, started to hear a retraction. But it takes a while. There’s an interesting technical side of this, like how these systems work. It takes a while to issue a second alert when something is set by mistake.

CHRISTIE: And so, this is not my favorite thing that that happened. My favorite thing is that, so apparently PornHub shares analytics, which I did not know. And I had a moment of being grateful that I work from home because I went to PornHub.com to try to find the analytics. And…

AUDREY: Before thinking about where that was taking you?

CHRISTIE: Right. And because I am me I was like, “Oh my god, porn everywhere!” which what else did you expect, Christie? Duh. And I briefly looked for the analytics link and then got overwhelmed by all the porn and closed the window. But @NuclearAnthro, Martin Pfeiffer‏ on Twitter, is doing PhD research on how we basically talk about nuclear weapons. And how that – yeah, they say, “I’m looking at the ways in which we create and circulate beliefs and values about nuclear weapons.”

AUDREY: And it’s really cool work. He regularly has these just fascinating historical documents on Twitter.

CHRISTIE: Right, which seem even more relevant now. But this tweet, “2018: The year that PornHub’s analytics become data for my dissertation” and there’s a graph, “my favorite part is the, um, stiff rise in viewership as folk turned to masturbation after thinking death was imminent.” And so, the graph shows, I think during the time of the alert there was a 77% decrease from normal Saturday traffic. And then after the clarification was issued, a 48% increase. Yeah, incoming missile alert issued 8:07. False alarm statement issued 8:45, yeah. So, I just thought that was kind of fascinating on multiple levels. And I think before the internet, we wouldn’t have had all that information.

AUDREY: It would have just happened unmonitored.

CHRISTIE: Right. We never would have known. Alright, what’s your favorite thing?

AUDREY: Well, it’s a little self-serving again in that I want to link to the sock shop. So, I’ve been feeling a little bit this week after I got to a certain point in the rabbit hole, like I was playing something like Animal Crossing. Because you can sit there and go pick out products and put them in little collections. But one of the products that I found that I was just amazed by is these unicorn sock sets. There is a company selling sets of socks that have happy rainbow unicorns. And some of them are the most adorable, pudgy unicorns. But there’s also a lot of phrases on these. There’s these happy rainbow “Fuck your feelings” socks. There’s another set that says “I do what I want” and it has a rainbow and a unicorn.

CHRISTIE: So rainbow unicorn empowerment socks on your shop.

AUDREY: Yeah. And there’s another set, like they don’t show the fronts and backs so I’m not certain this is what it says. But I’m pretty sure it has a unicorn staying at you and the words “Go to hell” on the sock. So anyhow, they’re amazing. They’re adorable. Maybe somebody will buy them. But it just, it made me laugh a lot this week.

CHRISTIE: Yeah. Speaking of unicorns, so I’ve been playing Assassins Creed Origins which takes place in Ancient Egypt. It’s really fun. I don’t know how much you know about the Assassin’s Creed Universe but there’s, I guess this is true with a lot of video games, but you can buy, they call them Helix Credits. So, you can buy them with real money and buy things for in-game, like skill level-ups or funny, or not funny-looking, but spiffy-looking armor. Or resources. I tend to not buy these credits because in part it’s like, part of some work ethic thing. Like, “I’m going to battle through and just use the in-game actions” or whatever. And a part of it’s just like, “I don’t want to spend money on that.” However, I’ve been significantly tempted for the first time because in the game you have mounts. You have horses or camels. But you can use your Helix Credits to get a rainbow unicorn.

AUDREY: Oh, nice.

CHRISTIE: So, I may have to get it. And then they also added this screenshot feature into the game which is really kind of super cool. And they also run photo contests. It’s kind of a cool way to get, to maintain engagement with the game. Because you can – when you enable the camera you can then actually use the whole 3D view engine to frame your shot.

AUDREY: Oh, nice. So, yeah.

CHRISTIE: So, if I end up – I don’t know how to actually access these photos outside of the game. But if I could figure that out…

AUDREY: I should show you my Breath of the Wild selfies. They’ve got something like this built in.

CHRISTIE: Okay, cool. Yeah.

AUDREY: And you can make Link make different selfie poses. It’s pretty cool.

CHRISTIE: Nice. I’m really hoping that when Elder Scroll 6 finally comes out, they have a feature like this. Because it’s pretty cool. Alright. Do you want me to – should I tell listeners what happened with my phone? I guess I already complained about it on Twitter.

AUDREY: Well yeah, just briefly, because this is still something that we’d like to know a lot more about.

CHRISTIE: Yes. So, Saturday evening, I was sitting down the table doing some stuff, listening to an audio book. And then the audio book stopped, the OverDrive app stopped. And I was like, “That’s kind of weird.” I tried to relaunch it. It wouldn’t relaunch. And at that point it was like, time to make dinner or something, so I just ignored it. But then a little while later I was like, “Okay, I want to do something on my phone,” I think look at Twitter. And Twitter, it was like I click on the icon and it would open and then just, I’d see the home screen again. So like, “This is weird.” And then I thought, “Well, maybe I need to apply some updates.” So, I tried applying some app updates from the App Store. And it would look like it would start to update and then it would just return the update button. And I was like, “This is really weird.” Then I thought, “Oh, maybe if I sign out of the App Store and back in.” And so, I signed out and then I couldn’t sign back in. It wouldn’t authenticate.

Anyway, fast forward to Sunday, I ended up having three tech support calls with Apple. And finally they direct me to go into an Apple Store, because at this point I have restored – I have reset the phone and tried to restore from my iTunes backup. And it gets to the point where it needs to authenticate with your Apple ID to continue. And it just gave me error after error. And not even like – it wasn’t a password issue. Typing in the right password gave me the error. Typing in a wrong password gave me the same error. So, I was thinking, “Oh, it’s not even – it’s either not getting to the authentication, it’s either not making that network connection to authenticate or there’s something more broken about it than that.” So unfortunately, they tell me that it will be the following weekend before they have an appointment at the Genius Bar because everybody is replacing their batteries right now. So, it’s kind of the worst time to have an actual issue. But at this point because I’m stuck in this restore state, I can’t even make or accept calls on my phone, which is kind of – anyway.

AUDREY: Why else do you have a phone?

CHRISTIE: Right. Saturday night and Sunday morning, I tried doing everything on my phone that I normally do on my phone on my iPad, which let me tell you does not work. Usually when I wake up, I turn on NPR. And I nearly hit myself on the forehead with the iPad because I’m not totally awake and the iPad is heavy. And it was a miserable 24 hours. So, I get to the Apple Store and they told me it was going to be about a two-hour wait. It was. We kind of wandered around the mall, had burgers. But yeah, and so they go through, they try to do a restore. And once again, I get to the can’t log in Apple ID. And the tech was like, “Do you mind if I try with my Apple ID?” And he couldn’t log in either. Yeah, it turns out there’s some hardware element to authenticating the Apple ID and something busted on my phone. I don’t know what. They were 20 minutes closed at that point, so there wasn’t really time to pick their brain about it. The tech had said he’d never seen that. But he had heard someone else had encountered it once. So, I’m curious if any of our listeners have had that happen or if any of our listeners know what that might be, because I’m just really curious about it. So, the resolution was…

AUDREY: Yeah, it’s really intriguing.

CHRISTIE: The resolution was I got a new phone.

AUDREY: But I guess it keeps you from what, like virtualizing the phone software out of Apple sandbox or something like that. Like, getting access to Apple accounts in some other kind of environment.

CHRISTIE: Yeah, I think I see what you’re saying. Yeah, my guess is that there’s some kind of hardware token, some kind of token that’s generated on the hardware that relies on a fingerprint of the hardware or something, or one or either. So, I don’t know if it was some crypto function that wasn’t working. So you’re saying, what’s the benefit of having it be so complicated?

AUDREY: Yeah, like why would they add that? They have to be using it somehow.

CHRISTIE: Right. That’s a good point. I hadn’t thought about that.

AUDREY: Do some purpose.

CHRISTIE: Yeah. But I didn’t quite realize how much would be broken on the phone if you couldn’t connect. I knew an iPhone was dependent on your Apple ID. I didn’t know to the extent that you really can get so stuck like that. Yeah, I was really impressed by how iCloud backup worked because the store was closed so we went home. And it took a couple of hours to reinstall everything. But aside from having to re-login, re-authenticate pretty much every – and there was one app that was no longer available on the App Store so it didn’t get reinstalled. But it worked pretty well to get restored.

AUDREY: That’s good.

CHRISTIE: Alright. I forgot to ask you at the top if you had any announcements.

AUDREY: I have put Issue 9 in the shop.

CHRISTIE: Issue 9 is available for purchase. What is Issue 9 about?

AUDREY: Hard problems.

CHRISTIE: Hard problems. Alright.

AUDREY: And interestingly, hard problems are both technical and personal. And we have people investigating both sides of that.

CHRISTIE: Oh, don’t I know it. Alright, shop.recompilermag.com, look for Issue 9. And I presume there’s print copies and e-copies?

AUDREY: Print copies, digital subscriptions, yeah.

CHRISTIE: Digital subscriptions, okay. Digital subscriptions. Alright. I think that’s a wrap. Thanks, Audrey.

AUDREY: Thank you.

CHRISTIE: And that’s a wrap. You’ve been listening to The Recompiler Podcast. You can find this and all previous episodes at recompilermag.com/podcast. There you’ll find links to individual episodes as well as the show notes. You’ll also find links to subscribe to The Recompiler Podcast using iTunes or your favorite podcatcher. If you’re already subscribed via iTunes, please take a moment to leave us a review. It really helps us out. Speaking of which, we love your feedback. What do you like? What do you not like? What do you want to hear more of? Let us know. You can send email feedback to podcast@recompilermag.com or send feedback via Twitter to @RecompilerMag or directly to me, @Christi3k. You can also leave us an audio comment by calling 503 489 9083 and leave in a message.

The Recompiler podcast is a project of Recompiler Media, founded and led by Audrey Eschright and is hosted and produced by yours truly, Christie Koehler. Thanks for listening.