Alana Post

I'm thinking about those beans.

I'm going to try to write up and consolidate some of the things I've done that I'm happy with. So far, here's what I've done:

  1. Migrated from Google Drive and Dropbox to Nextcloud. Set up syncing on my laptop so it works just like Dropbox, Drive, Box, whatever. Next step: deleting stuff from Drive/Dropbox.
  2. Migrated from Google Calendar and Contacts to Nextcloud. Contacts went fine — and was a good opportunity to clean up 15 years' worth of duplicates and errors — but Calendar has been incredibly painful. It is rare that any of my peers sends me anything but a Google Calendar invite, which goes to my Gmail, which I no longer use. I then have to either just block the time in my “real” calendar manually and hope nothing changes, invite my “real” calendar myself (if I have edit permission on the event), or try to explain to the inviter how to invite my NextCloud account's calendar instead — which has failed all 3 times I've tried, and served only to mildly annoy whomever is trying to invite me to something.
  3. Migrated from Gmail to Protonmail. This has been largely painless; I don't miss Google email one bit. On desktop I use the Protonmail website, and on my iPhone I use Protonmail's app. No problems with either. Deliverability has been great. Spam filtering has been great. I guess I'll have a decision to make when they add calendaring — it makes sense to me to have email, contacts, and calendar in the same “thing.” However, Nextcloud can manage contacts and calendar just fine. It's just a matter of which eggs I end up putting in which basket when there are redundant features.
  4. Switched from Amazon's ebook marketplace to Kobo's ebook marketplace (eh... but mostly DRM-free), my local Public Library, and friends' file collections. This has gone beautifully, and I should have done it sooner. I also benefited from https://calibre-ebook.com/ and https://apprenticealf.wordpress.com/2012/09/10/drm-removal-tools-for-ebooks/ (skip to https://github.com/apprenticeharper/DeDRM_tools/releases for the zip, which contains a plugin for Calibre), which enabled me to get all my Kindle books onto my Kobo. 4a. I don't yet love my setup for comic books and am trying a few things. Right now I'm getting them via Humble Bundles and reading them with the iOS app called Panels https://panels.app/ . I picked Panels purely based on looks and the maybe-foolish hope that they'll add the ability to sync files from WebDAV or something so I can continue consolidating files into Nextcloud. If I'm at home, I prefer physical comics, so I really only need an app that lets me kill time when I'm out and doesn't try to lock me in to their marketplace.
  5. Migrated from Twitter and Facebook to Mastodon.
  6. Migrated from Instagram to Pixelfed.

Here's what's in research or planning:

  1. Wrapping our three Google Home devices with Project Alias http://bjoernkarmann.dk/project_alias
  2. TV/movies/music decisionmaking — how do I plan to discover, acquire, and play (locally and remotely) multimedia, if I am not using Spotify, YouTube, Netflix, Hulu, Amazon Prime, Crunchyroll (ok, Crunchyroll can stay), or any of the other million fragmented subscription services I use to entertain myself, stay vaguely apprised of cultural trends, and provide content for small-talk?

Today, I felt inclined to move forward with rethinking my music collecting and listening. My goal is to enjoy music without being surveilled — particularly by companies with advertising-based business models. I want to do this securely and cost-effectively. The ideal end result will remain just as convenient as the services it replaces.

Obstacles to moving away from ad-supported, proprietary, cloud-based music streaming services

This is a daunting project which I have put off for a long time. Some of the reasons:

  • I stopped maintaining my local music library at least seven years ago. I don't even know what I have. But I DO know that I don't have 95% of what I've listened to over the past several years, which is a big gap to overcome
  • It has become harder to actually download the files associated with one's music purchases, and DRM is a hellscape
  • I stopped pirating music nearly the minute I had a predictable income
  • I am no longer up to speed on the latest methods for acquiring and managing local files
  • My torrenting privacy and security knowledge is dated — I used to rely on private trackers, blocklists and a VPN, but anti-piracy groups' direct monitoring skills have grown, and ISPs have grown more invasive
  • There has been a confusing proliferation of apps and services for managing music libraries
  • The self-hosted music streaming server I was most familiar with, Subsonic, has fallen victim to open source drama (https://www.reddit.com/r/selfhosted/comments/4hhhkx/subsonic_is_no_longer_open_source_which_is_the/)
  • I am unsure whether I want to primarily serve media locally (buy some cheap drives; configure a local media server using something like Kodi or Plex), or leverage my hosted Nextcloud's Music app and WebDAV capabilities to stream from the same remote, managed server I already use to organize my documents, photos, contacts, calendar, etc https://apps.nextcloud.com/apps/music
  • I am unsure if I want to use the same thing for music, movies and tv; or one thing for “audio media” and another thing for “visual media”

Pros of local: control, security, price Pros of remote: convenience, simplicity

Some good news, though:

  • I shouldn't have to learn new things about the music files themselves, or transcode anything. Formats and codecs remain what I'm familiar with. LAME's 21 years old and its most recent release was 13 October 2017. FLAC's 17 years old, most recent release 1 January 2017

Stream music from Nextcloud to your iPhone

Today I am going to try to upload an mp3 to my Nextcloud server and stream the mp3 from my iPhone, since that is the device I use most frequently for listening to music.

I'm going to do this in the easiest way possible, to encourage others to give it a shot. There are a few prerequisites, but you do not have to be a developer or engineer to meet them. Getting the Nextcloud server is probably the largest barrier, since it involves money. It is not a lot, and I think of it as paying myself for exclusive rights to my own data (; but it can take about a week to get your identity verified and establish a new billing account with one of the services that provide hosted Nextcloud. Just be aware you might not be able to do all of these steps immediately.

I'm also going to take this moment to scream because I maybe-wasted $4.99 on the iOS app play:Sub, hoping that they'd add support for Nextcloud (or webDAV), or that I'd be able to get Nextcloud's experimental Ampache support to talk to play:Sub. I 100% did this because it was the prettiest option. Other folks have gotten this working; my initial efforts were unsuccessful and annoying. If you're interested, this person seems to have a good guide: https://ownyourbits.com/2018/08/28/stream-you-music-with-nextcloud-music-and-power-ampache/

Prerequisites

  1. Access to a OwnCloud or Nextcloud server with Music installed from their Marketplace (a few simple clicks.) For Nextcloud, I like https://www.hetzner.com/storage/nextcloud , which will cost you about $40/year; I pay €8.79 per quarter, which is about $10. I honestly think most people can manage this, but still would like to see more free options or folks sharing their servers with their friends and families or whatever
  2. At least one mp3
  3. A smartphone you can install stuff on
  4. CloudBeats app, free version https://www.cloudbeatsapp.com/

Instructions

Add music to the server

  1. Log in to Nextcloud
  2. Create a new folder called Music
  3. Open the new Music folder
  4. Drag and drop your mp3 into your web browser window
Optional extra step for security: create a dedicated Nextcloud account, just for streaming music

Why? Because if this app sucks, and gets hacked, and was storing your password in a way the hackers can decrypt, they can now log in to Nextcloud with the highest levels of permissions and access all your personal files. If you create a new user just for this app, you can limit its permissions to the Music folder. That way, if the password gets out, hackers will have a much harder time trying to get out of the Music folder and into your personal files. It takes about 2 minutes to create a new user, is completely non-technical to do, and you'll be kicking yourself later if it ends up being the thing that could have protected you. https://docs.nextcloud.com/server/stable/admin_manual/configuration_user/index.html

Install the app on your phone

  1. Open the App Store
  2. Search for CloudBeats
  3. Install the free version of CloudBeats

Configure the app to find the server

  1. Open CloudBeats app on your phone
  2. Locate the Settings area (you might need to open the hamburger menu at the top right... this app doesn't have great UX)
  3. Scroll down to the Clouds section
  4. Locate ownCloud/Nextcloud in the list, and tap the Sign in link
  5. Sign in by typing in the URL of your server (just look at the address bar in your browser, and type in what you see, including the .com or .net or .org or whatever but nothing following it), username, and password. The username and password will be the same as the ones you'd sign into the website with
  6. Now that you have given Cloudbeats permission to look at your Nextcloud, you need to tell it where, and scan for audio files. Again, the UI/UX are not great; you will do some brief tapping around to select your Music folder and tap Scan

Stream music

  1. Cloudbeats might not appear to have successfully done anything after scanning, and you might end up on a My Library screen that is blank. If that happens:
  2. Tap that top-right hamburger menu again, and you'll see ownCloud/Nextcloud at the very top
  3. Tap owncloud/Nextcloud, and you'll see any folders you'd previously indicated should be scanned for audio files
  4. Tap Music, and tap your mp3. It should begin playing, and will continue to play in the background just like other music streaming apps

Voila! For maybe $3 to get your own Nextcloud server, and some of your free time here and there, you can have the foundation in place to start moving away from Spotify etc while still having an on-demand music library in your pocket.

Now, to rebuild the collection...

“Facebook will reveal who uploaded your contact info for ad targeting,” Josh Constine, Techcrunch

https://techcrunch.com/2019/02/06/why-am-i-seeing-this-ad/

This is one of the wilder aspects of Facebook Ads in practice, and I’m not sure if the general public is familiar with how bad the process is for everyone involved.

Basically, here’s how i’ve experienced it from the perspective of a nonprofit marketing person. Please note that I am not a power user of Facebook ads. I know how to use the product, build an audience, format media and write copy, debug, build/analyze campaign reports etc but it’s never been my primary focus. (I have been not-so-subtly trying to flee digital marketing for about 7 years, so I have only learned what I needed to remain employed.)

Anway. Let’s say it’s Giving Tuesday.

  1. Nonprofit A wants to do a campaign for donations
  2. A hires Agency B and gives some worker on the agency side total access to all systems that hold supporter information (CRM like Salesforce’s “Nonprofit Starter Pack” assuming they have prior donor info there, email newsletter platform like Mailchimp, social media platforms like Facebook, web analytics platforms like Google Analytics, plus any psychographic info on prior donors). Just a note here that things have already gone terribly wrong. My personal information is now in an Excel file on the desktop of someone, probably in their mid 20s, who has never been trained to handle sensitive data and has zero clue what their legal obligations may be.
  3. A and B decide who to “target” for the campaign* and construct queries to put together “the list” or “the lists” containing the contact info of people they have enough data on to group. Lots of people are usually in every group so you dedupe it a million times; it’s just a brilliant process really
  4. The final list for Facebook is exported as a .csv on someone’s desktop, formatted according to FB’s instructions (sample file: https://www.facebook.com/images/ads/signals/example_files/example_audience_file.csv )
  5. Someone from B with a great deal of privileges on A’s Facebook page logs into using their personal profile (there’s no such thing as a “company account” so you have to use your personal FB if you ‘work in social media’ and it’s hilariously bad; I still have access to several former clients’ FB admin areas)
  6. The file gets uploaded and, if you didn’t use their template, you quickly map the fields (mindless work)
  7. The rest is just following FB’s instructions. It can be tricky just like any other hideous product built for enterprise audiences but it’s not very hard to give Facebook ALL your people’s data.
  8. Anyone who used an email address to sign up for Nonprofit A’s newsletter and/or donate to Nonprofit A, who also used that same email address with their Facebook account, is now fair game for the ad. For a small nonprofit, particularly one without a lot of supporters on FB, sometimes you’re not looking at a lot of people. So FB lets you dip into their data. Sure, all I know about this one woman is that she wrote a check for $500 in 2017. But Facebook knows everything about her whole life. So it can go get me 2,000 more users exactly like her. A “lookalike” audience to try to get money from, based on who gave in the past. Perfect!

Nobody ever deletes anything, so The File is not just telling FB about the prospective donors (so it can match email addresses and target those users with this nonprofit’s Giving Tuesday ad), it’s on a stranger’s desktop and maybe already auto-backed-up to B’s Google Drive.

I think a big part of this is bad data handling hygiene. People are not being trained, because their boomer and old gen X bosses see this as wizard magic and don’t realize basic information that would apply to a csv just as well as a manila folder needs to be passed down. Food safety handing and that whole certification process looks like being trained for a Moon landing compared to the training marketers and other workers in that industry receive. Fair enough, I guess we have decided as a society that salmonella is more frightening than spam and identity theft etc.

But part of it, in my scenario anyway, is also a mishmash of unethical decisions made by Facebook, Agency B, and Nonprofit A.

Nobody should be doing any of this, in my opinion. But they do, because FB ads are more effective than email campaigns, and take less work. Nonprofits structurally have no good choices because their whole premise is flawed. Having your entire continued existence dependent on your ability to cozy up to rich old capitalists and their heirs, or extracting money from bleeding hearts, is screwy. I guess I’ll save that particular rant for another morning.

  • “Whom to target” is usually reverse-engineered based on how much content they can produce; because initially everyone’s like “Let’s put together 5 different personae!” and then realize that’s 5 different sets of messaging that has to be translated into ask emails, landing pages, thank-you email, follow-up email, and, oh: what did we want to do with this audience after we get the money? Nothing until next year? Ok, those people definitely aren’t getting much from you but whatever, get that 🍞

Why this comparison

I love beautiful software. I also love security, and prefer to support open source software projects rather than proprietary efforts whenever it's reasonable to do so.

I have ADHD. Note-taking is an enormous part of how I work with my brain; I have tried many systems (physical and digital), and combinations of systems over the years. I am very invested in finding a solution that will hold up, long term, to heavy daily use and is also in line with the preferences I stated above.

Bear

https://bear.app/

The following information is largely copied and pasted from Bear's website, as of this morning.

Platforms: MacOS, iOS, WatchOS Price: Freemium. Free tier: create notes, add tags and attachments, and export to a variety of formats. “Bear Pro”: $14.99 annually / $1.49 monthly: sync between all your devices, over a dozen beautiful themes, and more powerful export options.

Features

  • Formatting: “Advanced Markup” Editor (basically markdown)
  • Syntax highlighting for 20 programming languages
  • Rich previews
  • In-line support for images and photos
  • Cross-Note Links
  • Todos
  • Multiple themes
  • Multiple export options including HTML, PDF, DOCX, MD, JPG, and more
  • Smart Data Recognition of elements like links, emails, addresses, colors, and more to come
  • Hashtags
  • Focus Mode (hides everything in the UI)
  • Notes are stored in plain text
  • Multi-device sync via iCloud
  • Regular updates

Bear is a truly beautiful app and it's very easy to form a habit of using it since it integrates so neatly into other apps one already uses. The price of Bear's deep, seamless integration with Apple's products is lock-in to their ecosystem. Bear becomes more generally useful the more Apple products you own, and less useful the fewer you own. This is worrisome to me; I suspect non-OS software and device hardware shouldn't have their fates so closely bound together.

One thing I'd like to note is that Agenda kind of ripped off Bear's design, added a calendar integration, and focused on event note-taking. If you have a lot of recurring standing meetings or courses, particularly if you are responsible for managing agendas, action items etc, I would recommend giving it a look. It is proprietary and freemium. https://agenda.com/

Standard Notes

https://standardnotes.org/

As before, I have largely copied and pasted this information from Standard Notes' website this morning.

Platforms: MacOS, Windows, Linux (AppImage), iOS, Android, web Price: Freemium. Free tier: end to end private encryption, sync all your devices, web and offline access, unlimited notes, unlimited devices. You may self-host this tier. “Standard Notes Extended”: $9.99 monthly, $50.04 1-year (or, $4.17/month), $148.80 5-year (or, $2.48/month), which gives you access to themes and extensions (or plug-ins.)

Features

  • Formatting: Markdown
  • Syntax highlighting for 120 programming languages (via Code Editor extension)
  • Rich previews (via about 4 of the extensions)
  • In-line support for images and photos (via Plus Editor extension)
  • Todos (via Simple Task Editor extension)
  • Multiple themes (via extensions)
  • Export as txt
  • Hashtags (enhanced via Quick Tags extension; also “Smart Tags” [interact w/your tags via JSON] via Folders extension)
  • Focus Mode (via No Distraction extension)
  • Multi-device sync via Dropbox, Google Drive, or WebDAV server
  • Regular updates
  • 2FA
  • All notes, tags, and other data generated using the Standard Notes applications are encrypted using AES-256 encryption[^]
  • Github push
  • Vim keybindings (via Vim Editor extension)
  • Infinite undo / infinite history

Standard Notes is extremely feature-full, but has managed to retain a UI that doesn't feel like Microsoft Word. If you are clever about using all of its features, it can replace several separate applications. The additional layers of security it contains do not result in it feeling burdensome to use.

From this cursory comparison, I can see a few things:

  1. Support for typical activities — text formatting, syntax highlighting, todos, live preview of formatting / images / etc, themes — is covered by both apps. If looks matter to you, Bear might have the better free tier.
  2. Free tiers aside, Bear is significantly less expensive than Standard Notes, even if one pre-pays for 5 years of Standard Notes and thus receives the greatest discount available.
  3. Standard Notes is significantly more secure.
  4. Standard Notes contains key features that primarily appeal to developers.

Ultimately, for the suite of applications and services I'd prefer to use (e.g. Nextcloud), Standard Notes is the better choice for me since it permits a WebDAV sync destination. I also appreciate Standard Notes' extremely privacy-first approach, which appears to be a founding principle and not marketing promises.

I find it interesting that despite being a self-professed note taking nerd (for crying out loud, I was a die-hard Notational Velocity user for years), I didn't know Standard Notes existed before last week — and they've been around since 2017. Maybe this post will expose a few more note-takers to another secure, private alternative.

[^]https://standardnotes.org/help/3/how-does-standard-notes-secure-my-notes