The Cathedral and the Bazaar

Eric Raymond’s seminal paper, “The Cathedral and the Bazaar”, outlines the different software construction methods used today. One is very measured and managed, and it is usually commercial. The other is community-driven, iterative, and democratic. As Joshua articulates so well, both have merit. We need both styles of software creation. Some innovations are best driven by a single visionary at the helm of a company like Apple. Others are best driven by a community with a shared vision.

Bash script to easily sign multiple PGP keys

The project this week in Computer Security (CS 465) deals with secure email. Everyone in the class generated a PGP key, and we had a “key-signing party” in class. Everyone identified his or her PGP key ID and showed two forms of identification to prove ownership.

The second part of the key signing is done by each person individually. It requires downloading each key, verifying it, and signing it. This can be a tedious process that consists of four gpg commands:

gpg --keyserver pgp.mit.edu --search-keys user@email.com
gpg --fingerprint user@email.com
gpg --sign-key user@email.com
gpg --keyserver pgp.mit.edu --send-key KEY_ID

Typing those is obviously a pain, so I wrote a bash shell script to automate them. I also added a grep-like command that extracts the KEY_ID from the fingerprint output so I don’t have to read and type it in manually. The whole thing loops infinitely until I press Ctrl+C. Here’s what it looks like:
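An added example, not the author's script: the four commands above wrapped in a loop, with the "verifying it" step made explicit so that a key is signed only when its fingerprint matches the one collected in person. It assumes you wrote down each person's full 40-digit fingerprint at the party; the function names, the `--run` switch and the sample key data are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not the author's script): sign a key only after its
# fingerprint matches the one collected in person at the key-signing party.
KEYSERVER=pgp.mit.edu   # keyserver used in the commands above

# Constructed sample of `gpg --with-colons --fingerprint` output (not a real key).
sample_colons() {
cat <<'EOF'
pub:-:4096:1:1122334455667788:1316000000:::-:::scESC:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF1122334455667788:
uid:-::::1316000000::::Constructed User <user@email.com>:
sub:-:4096:1:99AABBCCDDEEFF00:1316000000::::::e:
fpr:::::::::0000111122223333444455556666777799AABBCC:
EOF
}

# Print the primary-key fingerprint: field 10 of the first "fpr" record after "pub".
extract_fpr() {
  awk -F: '$1 == "pub" { p = 1; next } p && $1 == "fpr" { print $10; exit }'
}

# Strip whitespace and uppercase, so "aaaa bbbb ..." from a paper slip compares cleanly.
normalize_fpr() {
  printf '%s' "$1" | tr -d '[:space:]' | tr '[:lower:]' '[:upper:]'
}

# Succeed only if the expected value is a full 40-hex-digit fingerprint and
# equals the actual one; a short key ID is rejected rather than suffix-matched.
fpr_matches() {
  a=$(normalize_fpr "$1"); b=$(normalize_fpr "$2")
  case "$a" in *[!0-9A-F]*|"") return 1 ;; esac
  [ "${#a}" -eq 40 ] && [ "$a" = "$b" ]
}

sign_loop() {
  while printf 'Email (Ctrl+C to quit): ' && read -r email; do
    printf 'Fingerprint from the party: ' && read -r expected || break
    gpg --keyserver "$KEYSERVER" --search-keys "$email"
    actual=$(gpg --with-colons --fingerprint "$email" | extract_fpr)
    if ! fpr_matches "$expected" "$actual"; then
      echo "MISMATCH for $email (got ${actual:-none}); not signing." >&2
      continue
    fi
    # Sign and upload by fingerprint, so a second key with the same email is never signed.
    gpg --sign-key "$actual" && gpg --keyserver "$KEYSERVER" --send-keys "$actual"
  done
}

# Run interactively only when asked, so the helpers can be sourced and tested.
if [ "${1:-}" = "--run" ]; then sign_loop; fi
```

Run it with `--run` to start the interactive loop; without that argument it only defines the helper functions.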

Privacy and security

Tension between privacy and security is made ever starker by today’s advancing technology and eroding morals. An article by Jonathan Segal describes the legal grounds employers must take to protect themselves from employee backlash when security needs overpower privacy concerns. His solution: ensure that your employees have no expectation of privacy. That frees you to invade it while leaving them no legal grounds to complain about the violation. While Segal’s advice is legally sound, it ignores the more important human elements of the problem: lowering employee expectations does not make them happier or more productive or more ethical but rather less so. Only by raising morale and improving the sense of community and ownership do employers have a chance at positively influencing the human factors that necessitate the security measures in the first place.

Communities of trust

I recently read Cliff Stoll’s book “The Cuckoo’s Egg”. The book relates the fascinating story of tracking a hacker all across the world through the early computer networks of the 1980s. While the story itself is worth reading, Cliff uses it to make some excellent arguments about the importance of trust in communities, both in real life and on the network.

Cliff had a terrible time getting the FBI on board with the hacker investigation because they only wanted cases with large monetary stakes. Those bureaucrats failed to recognize the real loss, intangible but just as damaging: trust. Once the hacker broke into one of their computers, even if he harmed nothing, the trust formerly enjoyed by the network users was destroyed. Cliff compares it to a small town where citizens leave their doors unlocked. The first burglar to visit the town, no matter how little he steals, destroys the trust community members had in each other and in the world; people start installing locks on their doors. This “enlightenment” demonstrating the value of strong security worsened forever the quality of life.

Trust is difficult to build and easy to destroy. That is true in families, between citizens and governments, and among community members. This book has made me more aware of the importance of maintaining trust in my personal and professional life, never doing anything to betray it. One thoughtless mistake could ruin everything I have built, but continuous care for my behavior and character will eventually yield its commensurate fruit.

“Pre-crime” being developed by Homeland Security

CNET reports that the Department of Homeland Security is developing a technology to predict intent through monitoring behavioral changes.

This could be used for all sorts of benign things, like a police officer approaching your car and knowing whether or not you were about to do something rash—he can brace himself before you get too close. The article also cites uses in high traffic events or at border crossings where behavioral analysis can aid in law enforcement.

One can’t help but wonder about the privacy implications this will entail. DHS has said that the system doesn’t store any personally-identifiable information about individuals, but it does require that information to function. Hopefully this system won’t garner the same omniscient status as had the pre-cogs in Spielberg’s film. But even in that case, this system, as any computer system, could be exploited in myriad ways. The technology is only useful within safe, reasonable limits that respect our privacy and agency as human beings.

Value in the “Internet of Things”

Phil Windley has a great article titled “Personal Event Networks: Building the Internet of Things.” His discussion of value is insightful:

The customer sees more value in products that cooperate than in products that are merely online.

The reason I bought a Kindle 2 when the Nook had arguably more enticing hardware is because of how the device was connected–it had the Amazon ecosystem backing it, and it integrated well with some other things like Facebook and Twitter. I never even considered the Sony ereader because it was just an ereader with no connection outside itself.

All the same, I wish my Kindle updated Goodreads for me–that would give me a lot of value. Instead, I have to enter my progress manually in Goodreads, and copy and paste quotes I want to share. The services don’t talk to each other. Reading ten pages on the Kindle ought to be enough for Goodreads to update my progress, rather than requiring it to be a discrete action. This leads to another of Phil’s points:

Note that I’m not using the app to plan the trip, I’m using the product—the GPS—but the app sees the events from the GPS and the car and links them together. This is an important distinction because the product, naturally, is the locus of my activity. Rather than forcing the user to interact through a phone interface in a video game-like virtual world, I merely use products as they were intended. The UX is the natural interactions I have with things in my life.

(emphasis added)

An event network is the best model to enable these kinds of interactions. The Kindle needn’t implement the Goodreads API; it could just raise events. Then I can use a language like KRL to glue it together with Goodreads.

Cell phone service on NYC subway platforms

AT&T and T-Mobile are expected to roll out cell phone service tomorrow to several platforms in the New York subway system. This is not unprecedented; California’s BART and Boston’s MBTA have had similar systems for years. This is a good move technologically, but many passengers have come to value their time in subway tunnels as a respite from the hectic above-ground life. As I’ve written before, we still need time to think, disconnected from cell phones and WiFi. Offering cell phone service in the subway extends the enticing tentacles of connection, making it harder to put away the devices and ponder. Ultimately, however, it’s still our choice whether to use that time for quiet reflection or feverish emailing.

Paying for something “free”

Netflix got a lot of backlash when they raised prices last month by separating subscriptions for their streaming and DVD-by-mail services. Today they announced that the DVD service is being spun off as a separate business unit with a new name of dubious merit: Qwikster. The negative response to these actions emphasizes a critical point of consumer psychology in the Internet era, which Megan McArdle puts well: If people have come to expect something for free, “you will have a devilishly hard time getting them to pay for it.” Netflix has already suffered losses from trying to charge for something people thought was free, and breaking off the DVD service only compounds that problem. A company like Redbox that appears to offer more value per dollar stands to gain the customers Netflix is losing.

Subscription services

Amazon is reported to be “in talks” to create a subscription service for ebooks. While Amazon’s “selling” (read: licensing) of ebooks through their Kindle ecosystem currently blurs the distinction between owning something and merely being allowed to use it, subscription services blur that even more. Spotify and Netflix have done that for movies and music–I don’t own the songs I’ve starred in Spotify, even though I seem to be able to listen to them whenever I want. For the convenience of having access to a vast library of media, I have relinquished my claim to control over that media; my ability to stream is at the mercy of Spotify. Amazon would like to do a similar thing with books. It will be a difficult proposition for both publishers and consumers.

Information, Knowledge, and Wisdom

“Where is the wisdom we have lost in knowledge? / Where is the knowledge we have lost in information?” So wrote T. S. Eliot. Technology puts in our hands a tremendous source of information. Google, for example, has obsoleted the pedantic memorization of facts. But that very technology we call a boon threatens to erode our knowledge in a flood of information, endangering the wisdom that arises from knowledge. Information, while a valuable tool, must not supplant introspection, synthesis, and learning; it should rather enhance them. Technology must not corrode intellectual development but empower it.

Inspiration drawn from “Focus and Priorities” by Dallin H. Oaks and “Five Things We Need to Know About Technological Change” by Neil Postman, both of which cite this idea from T. S. Eliot.