Cyber Aware (@cyberawaregov), a government initiative in the UK, is today promoting what it calls #OneReset – urging us all to make sure we have a decent email password, even if that’s all the cybersecurity we’re ready for right now.
The idea is that you have to start somewhere, and of all the online accounts you have, your email account is almost certainly the most far-reaching in your digital life – not least because anyone with access to your email can probably reset the passwords on many of your other accounts.
We agree, but we think you can do way better that just #OneReset, so we took to Facebook Live to encourage you to go for it!
(Can’t see the video directly above this line, or getting an error such as “no longer available”? Watch on Facebook instead.)
Note. With most browsers, you don’t need a Facebook account to watch the video, and if you do have an account you don’t need to be logged in. If you can’t hear the sound, try clicking on the speaker icon in the bottom right corner of the video player to unmute.
Janne
Why do you put your videos on Arsebook? I can’t see them there.
Paul Ducklin
I guess the blunt answer is that you are not the only person in the world.
The polite answer is that Facebook Live is a perfectly acceptable video streaming platform for a significant majority of our community – it is effective, has good reach, is reliable, and doesn’t require you to open an account or login to view the videos.
So, the fact that you are openly and swearily contemptuous of Facebook, without explaining why, isn’t a good reason for us to pick another place to put our live-streamed videos. (I notice that you didn’t manage to say which online video streaming services would be acceptable to you. I’m sure someone would be happy to find fault with your first choice.)
Anyway. Here’s what happened.
Not everyone likes to read everything they consume – sometimes, watching a video can be fun, and numerous readers asked us when we were going to start doing occasional video-based pieces. So we decided to start making community-oriented, live-streamed videos with an easy, informal style that didn’t require us to rush out and acquire professional video streaming kit first.
We had to pick one platform. Facebook Live was the one we settled on, because we figured that anyone who already uses Facbook would be fine with that choice, and because we realised that even non-Facebookers could watch our videos (albeit not comment and ask questions live) without getting an account, logging in, or otherwise subjecting themselves to Facebook tracking.
We knew that whatever platform we chose, some people would use it as a reason to bleat their prejudices for the world to hear, as though simply “not watching” were an invalid option. As it turns out, we were right…
Adrian Venditti
Please can you add a typed transcript of the video for people who prefer to read something rather than watch the video
Paul Ducklin
For better or worse, typing in the transcripts falls to me. It is a tiresome and time-consuming task. If you have ever done it, you will know what I mean (unless you are a stenographer, of course).
When I used to do it for our podcasts, each transcript would get about 10 views a month – a very big ask for very little result. It wasn’t as if the people asking for the transcripts were genuinely unable to watch or listen – the demand for transcripts was from people who didn’t want to watch or listen, not from people who couldn’t.
And here’s the thing. We don’t do videos and podcasts for people who prefer to read things – 95% of the material we publish is already aimed at those people. We do videos and podcasts specifically for people who like not to read things, at least once in a while.
Further to that, we consider written and spoken English to be essentially two different languages – videos and podcasts generally just don’t make good articles when they are transcribed.
So there’s our dilemma. Which is a long way of saying, “Great idea! Are you volunteering ;-)”
s31064
I agree with both of you on this point. Most people are going to watch the video, I haven’t really determined whether they’re just video lovers, lazy or illiterate. Personally, I can’t watch videos at work, which is pretty much the only time I get to check these articles out. After sitting in front of three screens for ten hours a day for 35 years, the last thing I want to do is get on a computer (read PC, tablet, phone or any other internet-connected device). I realize, however, that I’m part of a miniscule minority in that respect.
As far as actually writing the transcript out is concerned, that needn’t be a manual process. There are transcription services and software available to make it pretty much painless. You would probably want to proof-read the transcription the first few times, but that really shouldn’t be a major issue.
Paul Ducklin
As I mentioned – the transcriptions are largely down to me; I’m not a transcriber by vocation or training, so it hurts; the transcripts we’ve done (usually after people really made a fuss) ended up almost totally unused (which made the hurt of having done them hurt all over again!); and we don’t make the videos to be written articles anyway, so they transcribe as “two blokes talking”.
Our videos generally don’t get as many views as our articles get reads, all other things being equal, so they aren’t a majority taste, but the videos get orders of magnitude more views than the transcripts get reads. Which makes me think that we’ve pleasing most of the people quite a lot of the time, for all that we aren’t pleasing everyone all the time. If that makes sense.
And, yes, I am delighted to avoid transcription duty :-)
Barrie Brown
Which is an excellent reason to choose youtube and just post a link to it on FB because youtube offers an auto generated transcript. Just a suggestion.
Paul Ducklin
YouTube auto-generated transcripts are, in my personal opinion, worse than useless. A transcript should be correct or it should be absent. Also, YouTube doesn’t let you do live, streaming video sessions, which is what these are supposed to be.
We do use YouTube – indeed, we have a channel on there, SophosLabs – but Facebook Lives are for our Facebook followers. That’s the long and short of it.
We know that we can’t please everyone all the time, but we do try to have sufficient variety that we can please many of the people most of the time.
Rhonda Caywood
Believe it or not, Not everybody is on Facebook!
Paul Ducklin
You don’t need to be “on” Facebook to watch the video. (Unless, it seems, you are using Internet Explorer. I don’t know why that is.)
At any rate, I can watch without logging in – I just click and the video plays – I have a Facebook account but I logout when I am not using it. Viewing the video anonymously works fine for me (I used a fresh browser – no cookies or saved credentials) using Edge/Windows 10; Firefox/Linux/; Firefox/macOS. What’s your combo? I wonder if that has to do with it?
Paul Ducklin
Works for me fine on my iPhone too. I just logged out from the Facebook app and closed it, just in case that mattered; did a Clear History and Website Data in iOS Settings → Safari; started a fresh Safari session; opened a Private Browsing Mode tab; went to this article; tapped on the video…
…ad it started playing fine in Safari. Easy as that. I didn’t need the Facebook app or my Facebook login.
Iceberg
My system (Firefox on Lubuntu 16.04 LTS – daily updated) can react in two ways to Sophos Facebook Videos:
1) Demand that I install Flash – which I find kind of ironic
2) A nag screen trying to get me to log in or sign up to Facebook – with a tiny script “non-button” saying “Not now” barely visible (Experimenting to see if Stylish can consistently intercept and remove this nag)
I don’t like Facebook for its data-greed and monopolistic nature (so many organisations want you to “sign-up” in order to participate) so I am torn by Sophos videos on Facebook
1) It presumably costs Facebook for little/no return in respect of users like me – so I should (rather petulantly) enjoy consuming their resources
2) I probably add in a tiny way to their ability to claim X billion users when trying to get advertisers to fund their model.
I would prefer to see an IT specialist organisation like Sophos being able to serve videos from their own resources – it would give me confidence. (Yeah, I realise this blog is on automattic.com!)
Paul Ducklin
My stripped-down Slackware with Firefox also asks me to install Flash when viewing our streamed videos. Which is weird, because I thought Facebook was an “early unadopter” of Flash. So I figured it must be down to my setup not actually being shared-library-rich enough by for the codecs used by Facebook for HTML5, so it is falling back to Flash rather than trying Flash first.
I tried changing my user agent to iOS (that way the website you are visiting *knows* you don’t have Flash – a handy trick BTW) and, indeed, I received a “you don’t have the right codecs” message from Firefox.
Firefox didn’t bother to tell me which codecs I didn’t have…and I have not looked any further than that.
chez
Hee hee!
Security Aware Guy
First comment: I used to be on facebook but it became too much irritation for me. I am not anti-social but social media has become too invasive and just plain irritating. But I can watch you guys streaming on facebook without having to be irritated by facebook. :-)
Second comment: Please do a review of password managers, review them, tell us which one(s) really work across multiple devices (PC, tablet, Android phone, etc). I have tried several password managers including one called Dashlane for which I paid, and it works almost most of the time, sort of, except when it doesn’t work well or almost not at all… I stuck with it a long time and it was painful and in spite of constant promises I finally had to remove it to retain my sanity. I have tried a couple of other password managers before and after Dashlane with mixed success and mixed confidence. I use 2FA everywhere I can. Am looking into YubiKey. I want security but security tools that work well. Am I doomed to keep my long, random passwords on a pluggable usb memory? This has its own dangers, of course. Arghhhhh… !!!!!!!
Paul Ducklin
We’ve never done a head-to-head review of password managers but we have looked at several different products recently.
If you search for “password manager” on Naked Security you should get an interesting mix of articles – some focusing on the risks (e.g. if there is a bug in the password manager), others giving you the upside of password nanagers (e.g. a different password everywhere), and some being how-to guides for popular password manager tools (e.g. Smartlock, Keychain, KeePass and LastPass).