Your humble blogger is a beached whale as a result of the steady march of police state practices on the Internet. And to calibrate how heinous the underlying situation is, Lambert, who has 20 years of experience as a computer professional, calls my current mess the technology equivalent of being shoved into a minefield without any signs. And as you’ll see below, I’ve already stepped on one mine.*
Like many who consume a lot of information, I depend on an RSS reader to scan a lot of sites and keep on top of news. I was very unhappy when Google killed Google Reader in July 2013. I duly exported my feeds to Digg and Feedly, two of the most promising alternatives. I finally settled on Feedly as the better, at least at that point in time. I later upgraded to Feedly Pro, which meant I paid a fee, so that I could search articles.
I deleted all my cookies from Firefox, the only browser I had used for accessing Feedly, around midnight. Astonishingly, I could no longer log in. The tech experts I conferred with find this outcome to be on the far tail end of bad user outcomes, as in there is no way this should happen and therefore no reason for me to have anticipated it and taken preventive measures.
And the outcome is serious for a big information consumer like me. I have lost my RSS current feed. And I’ve tried the usual password retrieval routes. Nothing came back.
This is a huge loss; it will take me hours when I don’t have hours to reconstruct my RSS reader. And to add insult to injury, Feedly has ripped me off by virtue of my having paid for a year of a plan when I haven’t gotten a year of service.
The underlying evil, and this IS evil, is that Feedly now has only what is called a “social login” meaning you cannot even have an account unless you login via a social media account like Twitter, Facebook, or Google+. Here is how they are innocuously described in Wikipedia:
Social login, also known as social sign-in, is a form of single sign-on using existing login information from a social networking service such as Facebook, Twitter or Google+ to sign into a third party website in lieu of creating a new login account specifically for that website. It is designed to simplify logins for end users as well as provide more and more reliable demographic information to web developers…
Social login links logins to one or more social networking services to a website, typically using either a plug-in or a widget. By selecting the desired social networking service, the user simply uses his or her login for that services to sign on to the web site. This in turn negates the need for the end user to remember login information for multiple electronic commerce and other websites while providing site owners with uniform demographic information as provided by the social networking service. Many sites which offer social login also offer more traditional online registration for those who desire it.
I like the idea of having my information shared across so many vendors (and therefore much easier for the NSA to mine) even less than having my refrigerator be able to talk to my watch.
When I set up my accounts on Feedly and Digg, I did not use a social login. I’ve avoided social media as much as is humanely possible for someone conducting an Internet-based business (I do use Twitter but never for Web identification purposes). For instance, I had despite Google’s urgings, had strenuously avoided upgrading to Google+ until recently. I have taken what modest steps I can to reduce the amount of information I give to the surveillance state (for instance, having only a stupid phone, not having a Facebook account, not using online banking, using wired Internet connections whenever possible).
But it turns out that Feedly now requires social logins (they include Evernote and Microsoft accounts):
So even though they happily took my money back in their relatively early days, when they also allowed for a mere e-mail address to create an account, now that they’ve gone full Big Brother, my account is no longer retrievable. I somehow peculiarly was able to circumvent later-imposed social login requirement by virtue of still having cookies from when they allowed non social logins. But with their new policy firmly in place, they don’t recognize me as a valid user, despite having paid for their service, and I can’t log in at all, since my account wasn’t set up under any of these routes. As a result of being a social login non-person, I can’t do a password reset either.
And yes, I actually did retain the very long account number Feedly assigned me when I upgraded to their Pro service. That is utterly useless if you can’t reach a human being to get them to sort it out. Predictably, Feedly, like Google, does not allow customers to contact them. They have the usual “go fuck yourself” user “Customer Feedback & Knowledge Base for Feedly.” Working hypothesis: the longer and more faux friendly the name, the less interest they have in actually helping. This is confirmed by the fact that there is no phone number on Feedly’s site, the only phone number listed for them on the Internet is no longer working, and directory information has no current listing for Feedly.
And Digg? Sadly, the result there is an even clearer version of the Feedly drill. I thought I could at least go to Digg as a backup, retrieve my RSS feeds as of the death of Google Reader, and update them. No luck. I can’t get to my Digg RSS feed for precisely the same reason:
See the upper left? You can log in using only Twitter, Feedbook, or Google+. When I tried logging in using my @nakedcapitalism.com e-mail address, it was an immediate fail. Why?
Again, it’s the changeover to social logins after I created my account. It is (or ate least was) considered to be good protocol NOT to use the same user ID and password combination on different accounts. So my password I set up for my @nakedcapitalism.com account on Digg of course was different than the password I use with Google.
But remember my mention in passing that I had finally relented and gone over to the dark side of Google+? That @nakedcapitalism.com address is a Google mail address and was therefor “upgraded” to Google+. That means my Google+ password is different from the password I had used when I set up the Digg account. So logging in under Google+ (the only way I can log in to Digg) meant it got information from Google that was inconsistent with the password I used when I created the account. Digg, unlike Feedly, at least has the decency to show that it is confused:
Step back and consider the big picture implications of my tale of woe. The justification for the implementation of social logins was to make it easier for users. That’s clearly bogus. If the concern was the user experience, these site would also allow for customers to use e-mail addresses not connected to social media. Mind you, if the site owners wanted to nudge users in the direction of using social logins, they could make those options far more prominent and make users click through extra screens to get to other options for creating accounts.
Moreover, there was nothing terribly broken about the old system of having a valid e-mail address as your user name. That e-mail address was unique. If you somehow had trouble with the password, you could always get a temporary one sent to that e-mail address for a reset. The only time you might have a problem is if you somehow lost control of an e-mail address (I had that frustratingly happen with an @mac.com account, which I had even paid for for years back in the day when Apple made you pay for their cloud storage. The password stopped working some months ago, and the system perversely rejected valid answers to security questions. Fortunately, that was a tertiary account; I have more control over my other e-mail addresses).
There is no particular reason to regard Google and Facebook accounts as any more secure (presumably, if someone got their hands on your computer or mobile device, a skilled hacker could find your passwords or use the fact that the some sites remembered who you were to get inside the account). Moreover, having so many accounts tethered together increases the personal costs of a security breach.
So let’s not kid ourselves as to what this social login push is really about. The RSS reader case makes the real motivation abundantly clear. It isn’t about collecting better demographic information for the purpose of ad sales. Neither Feedly nor Digg sell ads.
The Digg and Feedly insistence on social logins only looks to be about tracking the identities and habits of heavy users of information. Top on the list of RSS reader customers is journalists. It presumably would not be hard to query “who has these particular anti-party-line sites in their RSS readers and accesses them regularly,” track it back to the actual users, and look at their networks. This approach to mapping interests and networks isn’t just a more convenient way to get at a particular user’s priorities and habits than looking at Facebook likes or sites followed on Twitter; it’s also likely far more accurate, since the interaction with RSS (for heavy users) is far more frequent and thus provides better data.
So if readers can recommend a decent RSS reader that is not hostage to the surveillance state, I’m game. I had tried RSS Owl (which is e-mail based) and found it good in some respects, but as not well suited to a large-ish list of sites as Feedly or Digg (it was easier to search but harder to scan). So I do have a somewhat stale RSS feed in RSS Owl to fall back on in the highly likely event that I can’t get my Feedly account back.
However, RSS Owl also required me to use a a security state login when I set up the account, specifically, a Google account. While RSS Owl does not at this stage require a Google+ account, it is prompting me to install a software upgrade. I’m not doing that since I may be about to have the exact same experience as I did with Digg, that if I upgrade, the upgrade includes the social login requirement, which would mean I lose the RSS feed due to my original password not corresponding to my Google+ password. So that is a long-winded way of saying RSS Owl is probably at best a stopgap.
So welcome to life with the technology Stasi. If you want to participate in the modern world, they are getting better and better at making it virtually impossible to escape their efforts at making sure they know what the real you is doing on the Internet.
* Yours truly has a documented track record of being able to find and trigger software failures in record time. And while I do do stupid user stuff occasionally, I’ve repeatedly gone to serious tech types with the anomalies I’ve triggered, which depressingly usually happens in the first half hour of using a new program. The experts are able to replicate the problem. After trying to work around it, they conclude that what I have found is a bona fide bug and not user error. Needless to say, this freakish ability to break software has induced an extreme reluctance to learn new programs.