Day One privacy and opt-in vs opt-out

I’m a fan of the Day One app, which makes it easy to keep a journal on iOS and Mac, synced to Dropbox or iCloud. The brilliant (and optional) CLI makes Day One extensible, so tools like Brett Terpstra’s logging script really expand the possibilities of how journaling can be used.

I admit I’m not very conscientious about journaling, but I’m slowly getting better, as I find myself thinking “when did that thing happen again?” and it’s always goodness when I can find the answer somewhere. Usually it’s not something that’s in my calendar – like that unexpectedly amazing Zinfandel we had at the hole-in-the-wall burger place.

The Mac version 1.9 update adds some nice goodies and I’ve been putting it through its paces. But the app has a feature that really bugs me. It calls out to, presumably for activity tracking. I love the idea and wish more tools would do app tracking – products would be a lot better if designed with this kind of data in mind. But whether or not to opt in to activity collection should be my choice, and currently it’s not. In fact, on the Mac, if you turn on the “Day One Reminders” it tries to contact mixpanel every 30 seconds. I have no idea why a reminder process would need to log activity.

Unfortunately, neither the Bloom Built web site nor the Day One site has even a hint of a privacy policy. No indication of what information they collect, who they share it with, how long they keep it, what they use it for, what security they use to protect it, how to opt out, etc. If they do have it posted somewhere, I was unable to find it.

I once heard an interview with founder/designer Paul Mayne – he seems like a nice guy who really cares about the user experience. I hope he and Bloom Built are wildly successful. I just wish they’d allow me to opt-in to data collection on how I use the app.

This may seem like a contradiction – that I wish more apps did this, but I want to opt out. The principle here is that I should get to decide, based on what I know is being collected and what it’s being used for. I don’t particularly want Day One sending my photos, GPS coordinates, calendar, contacts etc. to who knows where without my consent.

For now, I have Little Snitch blocking the pings to mixpanel, and the app runs fine. But that only works on the Mac. I can only assume they are sending activity information from the iOS app as well. For the time being, I’ve stopped using the iOS app.

Day One privacy and opt-in vs opt-out

Dennis Ritchie on C and UNIX

Dennis Ritchie, designer of the C programming language, and co-inventor of UNIX — arguably two of the most influential computer science creations ever — passed away at 70.  As my formative years in computing were highlighted by UNIX and C, I felt a bit of nostalgia as well as gratitude for “dmr”s contributions.  I still think of the original K&R as the best programming book ever – when a colleague told me he was going to write a book on C, I couldn’t understand why – since K&R existed, nothing else need be said!  In fact its conciseness greatly influenced my own writing style – some might say to a fault.  Years later, I used the first edition K&R as guidance for the original DMTF DMI 1.0 spec (sadly, no longer available), which was somewhat ironic that I’d use it for a standards committee document:

When I read commentary about suggestions for where C should go, I often think back and give thanks that it wasn’t developed under the advice of a worldwide crowd.
— Dennis Ritchie

Tonight I spent quite a bit of time reading sections of his Bell Lab’s home page — technical materials and observations that I hope stays up for posterity.  These are important artifacts that brought us to where we are now.

From an operating system research point of view, Unix is — if not dead — certainly old stuff, and it’s clear that people should be looking beyond it.

— Dennis Ritchie, 1990 Summer Usenix keynote speech

UNIX, if you don’t know, is the basis for the software that runs Mac OS X, Linux, Android, iPhones & iPads, and lots of other stuff.  Not too shabby.


Dennis Ritchie on C and UNIX

What comes next after Insanely Great?

I don’t have any personal stories to tell about meeting Steve Jobs.

I’m not a “long-time” Apple user.  But I am acutely aware of the date I would become one: January 7, 2003.  Steve Jobs introduced the 12″ Aluminum PowerBook G4 at MacWorld.  I’m not sure how I knew about the keynote – perhaps because I had an iPod and thought it was great – but that afternoon I found myself watching the QuickTime replay from Apple’s web site, hunched over some Windows laptop.  I’d never seen a SteveNote before, and was hooked by everything about it, and I said “I am switching to the Mac.”  Keep in mind I hadn’t even used one at the time, but I still knew it.

Long story short, while diving into Apple’s worldview can be daunting, it’s been incredibly rewarding.  I’ve learned a lot about how difficult it is to make something appear simple.  I started thinking about software in words like elegance, and started using the word design to mean more than architecture.

The iPod and the PowerBook have long since been retired, obsoleted by newer models.  But I still have them, because they were my first.

Rest in Peace, Steve Jobs.

Apple steve silhouette

What comes next after Insanely Great?

The Web Analytics Association Board of Directors

Web Analytics AssociationYou may have read there’s a new batch of WAA directors.  Eight of the existing directors have returned.  Deciding not to return were four great analytics professionals:

The April rains washed in four new, wide-eyed, idealistic directors:

To those WAA members who voted for me, thank you.  To the WAA members who didn’t vote for me, I hope I’ll earn your respect.  To the analytics professionals that aren’t WAA members — we should talk!

As an aside – it’s going to be interesting being part of this new group.  All four of us are VPs in good-sized organizations, and probably used to “calling the shots” to some degree.  Working with a non-profit organization of dedicated professionals, all of whom volunteer out of their passion for the industry, is going to be a great learning experience.

Our debut board meeting was in Boston, the day after the WAA Boston Symposium.  The first item on the agenda was an orientation for the new folks (all board members attended, except for Jim Sterne who had a prior commitment).  After sitting like good newbies for all of maybe 15 minutes, one of us (name redacted to protect the innocent) politely but firmly started asking pointed questions like “what are the success targets?  Where are the metrics?  etc.”  We hadn’t even gotten to basics like how the association conducts its business and already people are demanding data.  Smiles all around!  The next few hours continued something of the same – materials had been prepared, but we had questions and went straight to them.  Prior to the meeting I wondered if the board had some kind of hazing ritual for the new folks, but I think the existing board was on the receiving end of a lot of the hazing. :)  Suffice to say I do not think the four new directors are going to be passive wallflowers.

As I get deeper into it, I’ll try to provide regular updates here – not on official business, there’s already a web site for that, and a monthly newsletter.  Obviously, I’m only speaking for myself.  Instead I’ll look at whether or not I’m doing anything useful as a director.  If the only time you hear from me is when I want to get elected, that’s too late, eh?

Meanwhile, and as always, I’m interested in your questions, comments and observations about the WAA.


The Web Analytics Association Board of Directors

about that new year’s resolution

So I thought – at least one blog post a month won’t be difficult, right?


Then in February, right before I was scheduled to speak at eTail West, I get an ominous email from Google saying my blog is spewing malware.  I immediately checked and was convinced the email was legit.  Oh crap.  Later Google would complain about many more sites I host, here’s an example email:

malware notice

I host a number of sites (including some blogs, a mail server, a personal photo gallery, two commercial sites and a non-profit group) and all of them were compromised.  So I disabled all the web sites until I returned from eTail.  When I got back home, I cleaned and rebuilt each site one-by-one.  During the rebuilds, sites were getting re-infected, and it was difficult to find the attack vector.  The web wasn’t any help, except that I got a good appreciation for some of the old security issues in WordPress and its plugins – none of which I was experiencing.

It turns out that while was up-to-date with its software, another locally-hosted site was not, and got compromised.  The attack granted access to the local file system, so every web site I hosted got infected.  Nice.  Once I installed some hand-rolled logging software I saw how quickly a site would get hit, and then infect everything else.

Finally I learned enough to understand this particular attack, and I installed various intrusion detection, firewall and logging packages, just in case, and turned on sites one-by-one until I was satisfied I had everything back under control.  The whole thing probably took me two weeks to fix, since I couldn’t just drop everything else I was doing.  But it did consume most of an entire weekend.

As to what the malware did, I never really looked.  As long as it was gone I was satisfied.


Back in the day I ran all my own machines & software, built around FreeBSD and Linux.  One day I decided there were better things to do than to continually monitor every mail list and patch my system software.  So I switched my machines to Mac and went to outsourced hosting.  That doesn’t solve everything but it did lower the administrative burden, because I was putting my faith in others who claimed they were up to the task.  But I couldn’t fully give up everything, so I went with a self-administered version of WordPress instead of using the hosting and software available at  As a result, a slip-up in my software patching caused me days of hassle.

That was late February – early March.  For now, I’m still using my own hosted version of WordPress, because I keep telling myself it gives me lots of flexibility should I want/ need it.  Today I installed the latest patches, checked my logs, and decided it was safe to blog again (for some definition of ‘safe’).  I’m not a big fan of blogging about blogging, but the larger story is that no matter how remote and isolated you think you are, you’re running buggy software at the end of some IP address.  The scanners will find you, and the scammers will take advantage if they are able.  Whether or not you care depends on how much control/flexibility you want.  But I guess with great flexibility comes great responsibility, or something like that.

about that new year’s resolution

odds and ends, new and old

So, the Strata conference was good, and my talk was pretty well received.  Work got in the way of me hanging out at the conference for the whole three days, but I did spend about a day and some change meeting lots of smart people (including a lot of ex-Yahooers) and taking in some talks.  It’s a very different vibe from eMetrics – that’s not a judgment, just an observation.  Much more technical and “hands-on” in nature – a lot of it reminded me of eMetrics 2006, with a focus on tools and technologies.  If you missed it, or want to relive it, you can find Strata 2011 Speaker Slides & Videos.

One personal highlight was chatting with Duncan Davidson, who is doing a lot of photography for O’Reilly events (and many others .. check out his site).  The kick was that he and I were in a Palo Alto community photography class with about a dozen other people back in … oh, 2002ish maybe?  And now look at him: a pro photographer, living the dream…

Tonight I did something both humbling and inspiring at the same time.  I read my own blog.  Like, all of it.  There’s not a lot to read, really, until you reach back to 2005.  There’s now lots of missing images and busted links. Such is the web, I guess.  But the experience was inspiring because I found myself on several occasions thinking “wow!  that was well said!  Did I really say that?” and then followed by “Hmm, I don’t think I’m that smart any more.”   Perhaps blogging is like exercising – if you don’t use the muscle, it atrophies?

Speaking of busted links.  Back when the web was black and white with blue links, I had some content on my old site, wherein I poked at a few sound and video devices to reveal their secrets.  Various nooks and crannies of the web still have pointers to that material, and still get the occasional email asking if I have the content around somewhere and can I please put it back up?  So over the weekend, I did.

odds and ends, new and old

Upcoming Speaking Appearances

Hello World! Happy new year. Today I make good on one of my new year’s resolutions — to start blogging again.

I am looking over my calendar and see I have four upcoming speaking engagements:

I agreed to each, because each is worth attending. The Marketing Optimization Summits need no introduction: if you are remotely interested in web analytics and marketing optimization, you already know the name eMetrics. eTail is all about online retail, focusing on multi-channel e-commerce, campaign management, etc. it will be my first time there and I’m excited about it. Strata is a new conference from O’Reilly that promises to showcase a wealth of innovation in Big Data – much broader in scope than any of the other conferences, and probably a lot more technical too.

If you see me at any of these, please say hello!

Upcoming Speaking Appearances