I’m taking on a Tough Mudder

In May 2016, I’ll finally be doing the thing that I’ve been talking about for the last couple of years…taking part in a Tough Mudder. Whilst I’m going it, it seems like a good opportunity to raise some money for Mind so if you are able to sponsor me please visit my fundraising page on Virgin Money Giving.

Wander/Highfields Workshop

Originally posted here
On Wednesday 27th April 2016 we will be running a workshop on user-generated locative media experiences on campus at the University of Nottingham. We would like to invite participants who have a special interest in the Highfields Park and Lakeside areas of the University of Nottingham, for example local history groups, employees of the University or City Council who have responsibility or interest in the areas. The workshop will introduce participants to 3 pieces of software:

as well as the University of Nottingham Manuscripts and Special Collections. Participants will then be asked to use the software tools provided to create their own locative media experiences (either in groups or on their own) which they will then be able to share with other participants. Wandering Highfields Park will be encouraged and some digital recording equipment (cameras, camcorders) will be available to use on the day.

Lunch will be provided and reasonable travel expenses can be reimbursed.

For all enquiries or if you would like to attend, please email Dominic Price at dominic.price@nottingham.ac.uk.

Agenda: download

Date: 27/04/16
Time: 10am to 4.30pm
Digital Humanities Centre
The University of Nottingham
Humanities Building
University Park
Nottingham, NG7 2RD

When OAuth doesn’t quite fit

One of the key themes in Horizon, since it started 5+ years ago, has been ‘keeping personal data personal’. What we’ve tended to mean by this is that an individual should retain all the rights to the digital data that they produce (social media content, data from smart meters in the home, data from activity loggers, and so on) and that the individual should be the ultimate gatekeeper of access to that data. This simple idea is a reversal of the way that most current service providers implement their systems, the usual method is that user data is uploaded to the service providers servers and the service provider then maintains and controls access to that data.

In order for us to experiment with the concept of data being owned and controlled by the user, we have over the years built (to greater and lesser degrees of success) systems that attempt to interface with service providers systems and extract users’ data. Most commonly, the way to achieve this is through the use of a service provider’s application programming interface (API) and the most common way of authenticating with these APIs is through the OAuth protocol. I’m not going to go into the pros and cons of OAuth, speaking as an application developer it’s pretty easy to use and well supported, the problem that we have is that OAuth doesn’t quite fit the needs of our use cases.

OAuth is described as: “OAuth is a simple way to publish and interact with protected data. It’s also a safer and more secure way for people to give you access. We’ve kept it simple to save you time.” (http://oauth.net/). What this means is that OAuth is intended as a 3 party protocol in which the User can give access to their data held by a Service Provider to a 3rd Party. It’s a bit of a simplification but in general this is achieved by API requests being signed by both the user and the 3rd party to guarantee that the request has been authorised by both parties. The issue for us is that we want to remove the 3rd party from that process, we want to give users a way to access their own data in a complete private way. If we act as the 3rd party in the OAuth process, it gives us some level of access to a user’s data, access that we don’t want.

There are ways around this but they are less than perfect. One way is to distribute the 3rd party access tokens with an application, this means that the application will just work. The downside is that those access tokens are then open to abuse and will likely be cancelled by the service provider. Another way is to get the user to register their own OAuth application with a service provider, a confusing task for the average user though (some, like the Facebook app registration are confusing enough for developers!). Some providers, like Github and Google, do provide ways of generating API keys quickly and easily but these of course only work with those services.

It’s an annoying problem, and one that I see being asked quite a lot in various developer problems, because it can only really be changed by the service providers modifying their systems.

Dry January

I’m now on day 24 of Dry January. For those of you that don’t know, Dry January is an annual campaign/challenge organised by Alcohol Concern that asks members of the public to give up alcohol in January. The idea is to get people to take a time out from drinking and reflect on their relationships with alcohol and raise awareness (and possibly money) for Alcohol Concern’s charity works.

I decided to take part in Dry January, not because I think I have a serious (dependency) problem with alcohol, but because I think that my relationship with alcohol has become ‘mis-judged’ in recent years. Dry January therefore, for me, is all about giving me the opportunity to take a time-out from alcohol and ‘re-align’ that relationship.

I’m not a regular drinker, I’m not someone who comes home and opens a beer or pours a glass of wine. I’m someone who drinks when they go out to social occasions, which is usually one night at the weekend and maybe a weeknight once a fortnight; and when I do go out I binge drink. I hesitate to estimate how much I drink when binge drinking as I think I’m embarrassed to admit it, it’s enough though to make the later parts of the nights hazy and the journey home vague. In itself this isn’t a particular problem, I enjoy the haziness. The real problem is the 2+ days of come-down afterwards, the headache and the dodgy stomach; but especially the depressive effects that affect how I look at myself/life and how I interact with those closest to me, predominately in negative ways.

The experience of Dry January so far has been fantastic and eye-opening. I’ve slept better, I’ve had more time to do things – last weekend I was up and had done all the housework and chores for the weekend and sat down relaxing before the time when I’d usually be up – I’ve had more energy, but most importantly, I’ve had a much more positive outlook. The only difficult times have been in social situations when I would normally have been drinking, it feels strange and disconnected not to, but I’ve still been out and had fun.

The take-away from this experience is that I need to be much more aware of the cost of each drink in terms beyond just its monetary value. It’s fine to have a drink but without care it can take up more of my life/time than I’m currently willing to give it. I’m not looking forward to February because I can allow myself a drink, I’m looking forward to February because of all the things I can do without drinking.