... about some really irritating developments in TV advertising.
I apoplogise in advance, but I think some of these peeves have been simmering for a while now, and it would be healthier all round if I can permit myself a little vent. There are two advertising trends at the moment which are really starting to grate.
The first is when the advertiser treats us like imbeciles, incapable of logical thought. Two examples:
1 - the dishwasher tablet which is sold on the premise that, if you don't use it, filth accumulates in your dishwasher's plumbing tubes and is then swilled around your cutlery and crockery, bathing them in a vile brew which is, by implication, not far short of raw sewage. Of course, being imbeciles we fail to notice that the pipes into the dishwasher come from the water main, and are presumably not already clogged with sewage; and the pipes out of the dishwasher do not convey anything back into it.
2 - the kitchen soap dispenser whose great selling point is that it includes a sensor, so that you can get your dollop of soap without having to do anything insanitary like press down on a squirter. Again, being imbeciles, we have never noticed that the first thing you do after pressing down on a (presumably plague-ridden) soap dispenser is... wash your hands.
Here's the enigma: are these advertisements fatally flawed, foolishly insulting their target market... or are they perfectly crafted, aimed precisely at a market of imbeciles?
The other irritant is a variant on the old "vox pop" technique. Classically, this involves a reassuring third party, such as an interviewer or someone in a white coat, getting totally spontaneous product endorsements out of enthusiastic consumers who are totally surprised at the effectiveness of the product.
The variant (toothpaste being far and away the worst offender) is that when sound-editing your vox pops, you have to remove tiny snippets of silence from between random words. The result sounds something like this:
"I had never realisedthat some things I eatevery day, suchas battery acid, can eataway at tooth enameland cause cavities andbrain rot."
Why? Why do they do this?
I am seriously considering applying for that job, snipping out the tiny gaps between words in fatuous vox pops. Then, like one of my literary heroes, Doktor Murke, I would splice them carefully together again and luxuriate in the resulting silence. Listening to it might even bring my blood pressure down again...
My colleague Avivah Litan has given her insightful and thought-provoking read on the recent US Supreme Court decision here.
Avivah correctly identifies the “opt-in”/”opt-out” dichotomy as a critical element of the discussion. Tracking for law enforcement purposes needs, of course, to be set aside from the debate over user consent… but outside law enforcement – whether in the commercial domain or for public sector service delivery – I strongly believe that there should always be an opt-out available. In fact, my personal opinion is that “opted out” should always be the default, with an opt-in choice if the user wishes.
Of course, if there’s an opt-out, some of the people who exercise it will be virtuous, and some will not. There are those whose take the old “if you have nothing to fear, you have nothing to hide” view – but as anyone who has followed my blogging will know, that’s a view that I find misguided, harmful and pernicious. Avivah’s distinction between law enforcement and the commercial sector helps indicate one of the reasons why: it is clearly not the case that everything the law enforcement authorities know about me should, of right, be made public. Similarly, there are things which commercial service providers know about me which law enforcement authorities have no business knowing. The “nothing to hide, nothing to fear” brigade cannot cope with the idea that those who may seek to harm me can do so whether I have anything to hide or not.
In US v Jones, the Supreme Court was explicit about the citizen’s legitimate expectation of privacy. I tend to take a strong line on that. The ‘default setting’ is not that if I have nothing to hide, I have nothing to fear… it is that unless you have a provable, legitimate reason for doing so, you have no business meddling in my affairs.
2011 was, once again, a bad year for privacy as data breaches releasing usernames, passwords, credit card details and even medical records continued to make news right through the end of the year. Time has proven that no amount of imposed regulation can protect privacy in the face of a determined hacker. What’s needed is what’s called Privacy by Design. Join us in this webinar, where Senior Analyst Dave Kearns will discuss with Ontario´s Information and Privacy Commissioner Dr. Ann Cavoukian,...
I still remember the fun that was had when Dick Hardt first made his cool presentations on User Centric Identity Management and regaining control of who would access to what attribute of your multiple personas, be it online, at home or at work. We all know, that his company sxip identity failed because it did not gain enough momentum to monetize on the idea. Still, concepts such as the (also “failed”, much to my demise) Information Cards by Microsoft or the OpenID approach share some aspects of the sxipper product – putting you in control of your data. The current hype around the new EU privacy and data security legislation is putting some more focus to this!
Apparently, only very tech savvy users – geeks like you and me – seem to widely adopt and use OpenID. I, personally was attracted to Clavid, a Swiss IDP who combines OpenID with the one thing missing everywhere else: Strong Authentication! Most of you know that this is sort of my pet topic here at KCP and so I was really amazed to see them offer Yubikeys, Avionics’ Internet Passport and even SwissID Government issued certificates as a means of strong authentication – making Clavid an early representative of the prospering “Authentication as a Service” market segment. Not prospering enough, I guess, as I did not see the Clavid guys buying fast cars and castles at Lake Geneva’s´ shores…
Anyway, the concept of letting us – the users/consumers/customers – decide on who gets access to which detail of my life and (digital) identity remains an unsolved issue. Be it the tedious task of filling out forms after forms to get your kid into day-care or getting new insurance for your car – you have to share information about yourself and your loved ones and wonder: do they REALLY need that info? And if so: why do they ask me the same questions over and over again?
Wouldn´t it be nice if more of these form-fields could be “auto-filled”, depending on your choice of what to disclose and what not? Wouldn´t it be great to have one common place to securely store all the insurance information, account information and whatnot? Just like putting your valuables in a bank deposit box (or your high-security safe in your secret lair downstairs, depending if you are a super villain or not)? You could even “compartmentalize” your life into stuff belonging to work/career (like digital versions of all your certifications and endorsements), your personal leisure activities (like memberships in sportsclub and your fishing license, Open Water Diver certificate), your kids info (school district, Headmaster contacts, the football team coach) and the list continues.
I recently tried to gather my families´ core identity data, such as passport and ID card numbers, SSN, healthcare ID, tax ID etc. and it took me full Sunday. Last week I did it all over again, as I misplaced the sheet of paper I used – pretty old school, don´t you think?
But all personal stupidity aside: wouldn´t it be great to use that “digital vault” full of your own personal data to actually ERASE all the personal detail that are stored at the gazillion of companies and organizations you interact with day to day? Why must I put my CC info and full address with “your airline of choice”, if I could use their services “pseudonymously” and only allowing access to those details “on demand” while I actually book a flight? Currently, if I lose my CC or it expires the internet economy burdens me with changing my CC info in each of the gazillion pages I do business with. Why?
I am looking forward to a (hopefully very near) future, where I can actually manage my data in one place and have those who need access to it authorized on a configurable basis. Sure, my employer should have continuous access to my bank account information! But if I am leaving – how can I make them erase that info on file today?
Look put for some colnew announcements and blogs on KCP on this – my colleagues will provide more info as it becomes “freely available”
The U.S. government announced plans to put in place within the next five years measures designed to make it impossible to pass on sensitive information to the likes of WikiLeaks. They hope to accomplish this by “tagging” information so it can be tracked in case someone shares it with outsiders.
The idea of creating “information-rich information” is obviously the right way to go in addressing privacy and security concerns in the Digital Age. It is possible, technically at least, to attach rules to individual pieces of information, such as who is allowed to do what with it and what happens if someone who isn’t authorized tries to access them or pass them on illegally. In fact, that is the whole idea of “information-centric IT security, a buzzword that is gaining popularity among Digital Identity Management experts and privacy advocates.
But by publically announcing their aim of stopping another WikiLeaks-style exposure of classified information just shows that the Official Mind has yet to grasp the real implications of the Digital Revolution. “Information wants to be free” was originally a clarion call by Internet activists who believed that transparency should be the hallmarks of an open society. In fact, the real motto is best encompassed in what I once dubbed “Cameron’s Law”, after Microsoft’s “identity guru” Kim Cameron, who once postulated that “sensitive information will be leaked”.
Yes, we all need to do all we can to protect privacy and guard crucial bits of information. But we should also be prepared for the worst. IT Security can create a false sense of confidence in our own defense mechanisms. At least as important as plugging holes in the dyke is to prepare oneself for the moment when the levees break and the floodwaters start to rise. Maybe “Remember New Orleans” would be a good slogan for security professionals to hang on their walls.
I found it particularly poignant to read the name of the official in charge of U.S. government efforts to create the Totally Secure System: Jim Clapper, the Director of National Intelligence, the mention of whom bring irresistibly to mind the old nautical expression about “clapping a stopper” over something, meaning to block something effectively. “Clapper” is actually the word for a safety valve – and as any engineer will tell you, the function of a valve is to let something out before the pressure reaches dangerous levels and pieces of stuff start flying around.
Of course, controlling the release of data so that only authorized individuals are able to see and use them is in fact what Identity Management is all about – or should be.
As you might guess, given that I'm Executive Producer of IT Conversations, I like listening to podcasts. I'm also an iPhone user. Not to put too fine a point on it: iTunes sucks rocks for listening to podcasts. The problem is mostly that iTunes has a crappy interface for subscribing to and managing podcasts. It also downloads only one episode per day, with no way to change the defaults. Moreover it will stop downloading podcasts that you haven't listened to for a while and you have to remember to go in an start it up. I started feeling like I had to "take care of iTunes" like it was a recalcitrant pet or something.
For some reason, it never really occurred to me to download an app for listening to podcasts, although I've downloaded several single purpose ones (like the This American Life app). Then Paul Figgiani introduced me to Downcast. I'm in love. I no longer have to fight iTunes and all my favorites are right there waiting for me to listen to them when I go for a walk or drive to work. The interface is good, with plenty of controls for skipping forward and back or adjusting the playback speed. I also like the built-in "share" features although I wish they allowed me to customize the default text for the share.
Unfortunately, Downcast isn't available on Android. I have an Android tablet (Galaxy Tab) that I've used Google Listen on. It's a functional podcatcher, albeit a little bare-boned compared to Downcast: no speed or skipping controls and no built-in sharing.
So, go grab Downcast, plug in the IT Conversations feed URL and enjoy great tech talks from the longest running podcast on the planet...no matter where you're at.
March 13-14, 2012 at NIST in Gaithersburg, Maryland.
This promises to be an important event for the digitial identity community and perhaps a milestone in progress on the National Strategy for Trusted Identities in Cyberspace (NSTIC).
Don't Miss Out – Online Registration is NOW Open Click here for further details
1. I expect you hear what I’m saying (or typing), and not ignore the essence of it. Example: If I say “I want to cancel my account”, you cannot respond: “I understand you are having trouble with your account.” That’s not what I said. 2. I expect that you respond in a timely manner. Example: [...]
As you are probably aware, a revision to the EU's e-Privacy Directive was recently transposed into UK law as the Privacy and Electronic Communications Regulations 2011, or PECR. PECR means that, as of May 26th 2011, UK websites are required to obtain users' informed consent before tracking their online behaviour through means such as cookies.
Well-meaning though this legislation may be, there are a number of practical issues with its implementation. As it has never been my intent to invade, subvert or otherwise compromise your privacy, this post is a brief indication of some of those issues, and the possible impact on you as a visitor to this blog.
First, jurisdiction: is this a UK site? Well, I'm located in the UK, and it's my blog, so I'm going to behave as though it is and assume that PECR 2011 applies to it and to me. However, as Blogger belongs to Google, and Google are notoriously reticent about revealing the location of their data-centres, I have no idea where this blog is actually hosted. I suspect a lot of individuals, small/medium enterprises and organisations are in the same position: wherever they are, their websites may or may not be hosted in the UK, and that may give rise to some question as to whether or not PECR can be enforced.
Second, enforcement. The UK ICO has, allegedly, been 'pressured' by the UK government not to enforce PECR, at least for a year while companies figure out what to do about the law. On the one hand, I have little sympathy with this: EU legislation moves at a pretty normal pace for law-making, and PECR has been inching its way down the legislative alimentary canal for many months now. Its emergence should not have come as a surprise to anyone.... but let's not take that analogy any further. On the other hand, there's no doubt that the mechanisms for doing a good privacy-respecting job of gathering user consent are sadly lacking. Of course, as the only viable candidate for deploying such mechanisms is the browser, and as the dominant browsers on the planet are all developed outside the EU, that shouldn't come as a surprise either. On the third hand (as Zaphod could have said) why in Zarquon's name didn't Viviane Reding and her merry band of legislators think of that when they were designing the amendment?
Third, practicality. I do use a couple of counters to track visits to the blog: as you can see, there's a ClustrMaps graphic on the page, and though you can't see it, Statcounter is also enabled. For those two tools, I can give you the following assurance: I never use them for anything other than an occasional look at how site traffic is trending over time. I sometimes look at the per-country breakdown of visits, and if I'm getting persistent spam comments I may look at the IP address of a specific visitor. However, I never use the tracking details for any other purpose, and never knowingly disclose them to any other entity. I don't use Adwords or Affiliate Network, nor is it my intent to do so.
However... it is entirely possible that Blogger, as the host of the blog, gathers statistics about both my use of it and your visits to it. Over that, I have no control. Again, I suspect that many, many individuals, organisations and small/medium businesses are in the same position - and as 'cloud' computing continues to grow, that situation will grow with it.
That leaves me with two problems:
1 - if you don't like the relatively minor use of cookies I do make on this site, and/or don't trust my promise not to abuse the data collected, I'm afraid I don't have any practical way of gathering your consent (or withdrawal of it). Nor do I have a way of turning cookies off for you while still somehow keeping an eye on site usage. By all means block or delete my cookies at your end, if you have the means to do so; I won't be offended (in fact, I won't even know), and as far as I am aware, it won't affect your ability to browse the site.
2 - if you don't like the idea that my hosts (either for this blog, or for my website, for instance) may also be setting cookies, I can sympathise, but there's very little I can do about that. Nor do I think there's any reasonable expectation that they will ask for your consent via my blog. If you have a problem with that, please leave a comment, and then we can both stare at it and wonder what to do next...
So, what can we expect from the PECR 2011 amendment?
Will it immediately change the way in which companies track your online behaviour? No.
Will it change the way browsers handle cookies and consent? Possibly, over time.
Will it advance the debate over online privacy: I sincerely hope so, even if it's only through increased discussion, as opposed to immediate improvement.
Will it resolve the tension between technologists who see the law as an inconvenient obstacle to commercial progress, and legislators who don't understand the technology but want to be seen to be doing something? No. That, regrettably, is something we're stuck with for the foreseeable future. Welcome to Aldous Huxley's world.
Thanks for summarizing the problem so nicely, Phil. And a tip ‘o the hat too to Cory Doctorow, whose talk on the subject Phil credits as well.
Incidentally, Phil’s point that we don’t need new laws governing technology, we need to enforce existing laws about harmful behaviour, explains why Connect.Me created the Respect Trust Framework. It is the legal fabric of a “purposeful network” where the incentives are so strong not to violate the trust of others that we will not have the kinds of rights violations that SOPA and PIPA are trying, misguidedly, to address.
When I upgraded to the iPhone 4S the day after Christmas (it was really an Apple Christmas in my household this year), I made the difficult decision to stick with AT&T.
My experience with routinely dropped calls has been just as bad as anyone else’s, so ever since Verizon got the iPhone I was convinced I’d switch when I upgraded (the rest of my family has been on Verizon for years).
But in the end, my grandfathered data plan plus the convenience of being able to use voice and data at the same time plus the investment AT&T is making in 4G made me decide to stick it out another 2 years.
So I really, really wanted to believe AT&T is at last getting its act together.
And then I receive this post-sale email from AT&T with the subject line Let’s Talk about your new iPhone. In the body they offered links to a host of helpful tools:
Thinking it would be wise to watch a tutorial (just to see if there’s anything else I should know about my new 4S that my 16-year-old son — or the wonderful Siri — hasn’t already showed me), I clicked the first link.
The result was not the iPhone tutorial I expected, but a generic web page titled Cell Phone and Interactive Device Tutorials. I think to myself, “That’s dumb – why not just link directly to the iPhone tutorial like the link said?” But what the hell, maybe AT&T’s websites are so poorly designed that they didn’t allow internal linking. So I dutifully clicked the Manufacturer drop down to choose Apple, and…
…WTF??? NO APPLE!!!!!!!
Poof. There went the tiny puff of faith I had left in the AT&T turnaround.
I mean, COME ON, AT&T, DO YOU HONESTLY EMPLOY NO PROOFREADERS FOR AN EMAIL YOU SEND TO ALL NEW IPHONE CUSTOMERS WITH A LINK TO AN IPHONE TUTORIAL THAT DOESN’T EXIST???
Please tell me what happened here. I invite anyone from AT&T to reply as a comment to this post so I and anyone else reading this will have some clue what’s going on with you.
Sincerely,
– A Customer Who Really Wants to Believe He Didn’t Just Throw Away 2 More Years of Service
Google announced Tuesday its plans to integrate data from all its services with your profile for logged-in Google+ users.
She makes this assertion in the early part of the article.
The Internet, nowadays, is overwhelmingly dominated by fora in which you hang out as your actual self. Facebook. Twitter. And now, Google.
While I understand her assertion that the net is "dominated" by these fora. There are two assumptions one is that the people in those places are being 'Their actual selves" when the research shows that people are being thoughtful and careful about how they present in different places and what aspects of themselves they share where (see danah boyd's research about young people and networked publics). I think in one way she is right the people like her - who went to college and have mainstream white collar jobs are on these fora with their real names but most people who actually do interesting hobbies or have religious lives that they don't share publically or across all contexts of their lives either are not sharing about these on those fora or they are keeping them contextually separate using different names and handles.
This weekend at She's Geeky I am going to ask a lot of questions of the women coming about how they do manage their identities and what they want and need out of digital systems to feel safe using them.
Tie actions online to our real identities, and suddenly online activity has real-world consequences.
This is very true and unless we build tools that give people both persona management and context management we are going to be creating a really creepy world. See my TEDx Talk on Participatory Totalitarianism.
At Ping Identity, our culture and values are everything. Our good friend, Nishant Kaushik, relates that the same is true at Identropy. He explains their drive to maximize purpose. Also, check out the great video about one of his favorite books, Drive, by Daniel Pink.
My speech at the Digital Privacy Forum in January 2011 articulating a vision that goes beyond "Do-Not-Track" vs. Business as Usual, creating a new ecosystem where people collect their own data.
The National Strategy for Trusted Identities in Cyberspace asked industry leaders to share their ideas on how the Identity Ecosystem should be governed and managed. I wrote a response that covers much of the history of the user-centric community along with a vision of how to grow consensus.
UpDATE: Google relented a bit, however I am still waiting to see if my name of choice was approved. You can read about the process I had to go through here. The New Google Names Process
I STILL have my Google+ profile suspended for using a [ . ] as my last name. Prior to that I had "Identity Woman" as my last name and prior to that... before I ever got a G+ profile and since I started using Gmail and Google Profiles I had a [ * ]as my last name. [see the complete list of posts about this whole saga below]
It is my right to choose my own name online and how I express it. Names and identities are socially constructed AND contextual... and without the freedom to choose our own names, and the freedom to have different names (and identifiers) across different contexts we will end up with a social reality that I don't want to live in: Participatory Totalitarianism.
The last names that I have had during my life are Young, and currently Hamlin (my soon-to-be ex-husband's last name). I plan to have a last name of my own, different from either of those, within the next few years. I do not choose to "promote" this last name as the HEADLINE of my profile in Google - that is a representation of my professional self online. Yes, people walk up to me IRL (In Real Life) and say "Yeah! You're Identity Woman, aren't you" - yep . It is, believe it or not, a "common" name for me as the G+ "requirements" call for. Just like it is common for BotGirl Questi to be called that when she is in that persona online. Botgirl has the best collection of articles on the web about #nymwars and amazing art protesting what happened to her and all of us who have been suspended - comic book covers, songs re-written with new lyrics, impassioned monologs.
In the digital world "identifiers" are totally linkable across contexts - that is, different communities and contexts that would never meet In Real Life cross online with common identifiers. So if you don't have the freedom to choose which identifiers (name, e-mail address, phone number, physical address,) you don't have the freedom to keep identifiers in different contexts separate, and if you can't keep them separate, that means they are linkable. Without that freedom, you can't explore or be a part of niche communities of interest that are not mainstream or not appropriate for some other context you also belong to. Here are some examples:
the gambler at church,
the "crazy" ferret lady at work
the gardening gun lover
being part of a minority sexual community
proactive environmental activist working at a logging company
being a Buddhist in a part of the country where everyone goes to church on Sunday and doesn't talk about religion because they would be ostracized OR the other way around being a very devout christian in a part of the country where when they do inter-religious services they include everyone except christianity...and you just would rather your faith not be "public"
going out in the woods every few weekends dressed up like knights and ladies, while being in the Army Reserve on other ones.
This freedom to have multiple personas for multiple contexts, just like the right to vote for our government in a secret ballot box, is essential for a free society. If we do not fight for and maintain these rights, we will end up with Participatory Totalitarianism.
Nymwars: IRL on Google Lawns. My idea to "occupy" the lawn of Google with a colourful range of folks who want the right to choose their names. I wrote this after I figured out a week into this that it wasn't going to end, and they hadn't just made a mistake.
This post was written after watching Tim O'Reilly talk to Bradley Horowitz the manager for social at Google. In it, Tim calls users asking for the right to choose their own name self-righteous and strident. I make a link to a classic American story, Roots, where Kunta Kinte, a man stolen from his village in Africa, taken to the United States, and sold into slavery refuses to take the name his slaveowner gives him, Toby - he is whipped until he accepts this name. I asked Tim and Brad if Kunta Kinte was self righteous for standing up for his own name... Tim said no, but that is a self-righteous question to ask.... well, that was on Twitter and a very interesting conversation followed with several tweeters, that resulted in Tim framing what was happening as a lynch mob against Google.... you can see that in this post.
"Bonus suppression" Google runs YouTube and they took the clip of the movie scene down for "inappropriate nudity or sexual" - it has neither, it just made a dramatic point and made them look bad. In the clip Kunta Kinte is facing the camera with part of his chest showing being whipped from behind by a white man who is working for the slaveowner until he breaks. After repeating his name is Kunta Kinte when asked what his name is, he finally says... it is Toby.
With the nymwars unfolding (Nym = Pseudonym , Anonymous and other varities on this theme) this video of the Google-Zon story in the year 2014 seems more prescient then ever.
EPIC in this video stands for the Electronic Personalized Information Construct
The computer writes a new story for every user (sound like the Filter Bubble?) everyone contributes and in exchange gets a cut of the revenue...
Relevant background
Who is Harmed by Real Names Policies developed by the Geek Feminism Community... prophetically I included in the response I gave to the Notice of Inquiry about governance of the Identity Ecosystem as outlined in the National Strategy for Trusted Identities in Cyberspace that I wrote, before I myself was affected.
Today people were tweeting/writing about the new google+ names policies. Well. I just went through it and it involves many screens and an appeal into the Kafkaesqe googleplex that takes up to 3 days before they approve your name request. I think they should to this to EVERY user cause how do I know your name "is" David Smith...it just doesn't trigger their dictionaries prompting inquiry into the legitimacy of your name...Ok but I digress...lets see how this works.
First you are discouraged from changing your name and limited to the frequency you can do so. You have to click "change name" to do anything.
Then my Name doesn't meet their Names Policy (at least they dropped the name violation language).
I clicked on the "Click here" to submit an appeal
More are you sure....
Really sure you know what your name is....
Now you can fill out the form....
I put my e-mail address as Kaliya@identitywoman.net (yes I have that one).
I linked to my blog, twitter and a Read Write Web news article that refrences me that way.
For extra documents I uploaded the Laws of Identity that lists me in the opening paragraph amongst all my professional colleagues as "Identity Woman Kaliya." You know if you having your name listed in the thankyous of the Laws of Identity as your profile name on google - I don't know what will qualify.
Andrew Nash the head of Identity at Google is friends with a bunch of us in case you need to know the context Googlers - googling the laws to confirm my/their legitimacy.
Then you get this lovely confirmation....
We shall see...
UPDATE:
Not hearing anything at the e-mail address I submitted to them as my e-mail address. I re-appealed. And of course had to do extra cognitive work to not hit the very attractive blue "cancel" button along the way. This then appeared inside my profile page.
Well, it may have been a quiet week in Lake Wobegon, but in the privacy and policy domain it has been quite the opposite. Wikipedia and a number of other sites went dark in protest against SOPA/PIPA; the Feds took down the MegaUpload file-sharing site, alleging violation of piracy laws; Anonymous retaliated by taking down a slew of SOPA supporters; and the European Commission has just announced its new, pan-European Data Protection Regulation (link to PDF version).
But let’s not talk about that… let’s talk about the 4th Amendment. For those on the right hand side of the Atlantic, the 4th Amendment is the part of the US Constitution which establishes the individual’s “right to be secure from all unreasonable searches, and seizures of his person, his houses, his papers, and all his possessions”. Like any constitutional law, it has been subject to a great deal of interpretation in the 221 years since it was ratified, not least as the law tries to keep pace with new ways of “searching” and “seizing”.
The 4th Amendment is often considered to be the closest thing US citizens have to a privacy right, and it generally establishes the need for any violation of that right to be backed up by a judicial warrant. Of the current Supreme Court, Justice Antonin Scalia is the one who most commonly dissents from this view, holding that the “reasonableness” test can be satisfied without a warrant. However, in a judgement this week Justice Scalia joined with his peers in finding unanimously in favour of the need for a warrant.
The case at issue was US vs. Jones, and the Supreme Court ruled that US law enforcement authorities had violated Mr Jones’ 4th Amendment rights by fixing a GPS tracker to his wife’s car, and using it to track his movements. Mr Jones was, at that time, suspected of being involved in drug dealing.
The judges ruled that, in attaching the device to Jones’ car, the police had physically intruded into “a constitutionally protected area”, and that this ran counter to a legitimate expectation of privacy in that respect. Justice Sotomayor and Justice Alito both drew attention to the issues of keeping 4th Amendment protections in step with rapid technological change – not least, the fact that so many of our personal actions are tracked by commercial websites and hand-held devices.
The court held back from ruling on what other means of surveillance might violate the 4th Amendment rights, though it is clearly something they thought about in their review of prior case law. As a result, the two aspects I mentioned above (physical intrusion, and expectation of privacy) are very likely to be the basis of future decisions, if it should come to questions of whether, say, traffic camera data can be used to track a suspected criminal. There would be a strong argument that the installation and operation of traffic cameras does not involve intrusion into a constitutionally protected area, and that it does not infringe on an expectation of privacy.
Whether that will extend into the online domain of web tracking remains to be seen.
So much for the 4th Amendment… I’ll see your 4th and raise you one: in a quite separate case, a judge in Denver ruled that an individual could not claim 5th Amendment protection from a law enforcement request to decrypt data on her laptop. (The 5th Amendment is the one establishing, among other things, an individual’s right to refuse to give information which might incriminate them).
In this instance, the suspect declined to decrypt the contents of her hard drive on the grounds that it might incriminate her. The judge held that, even if the police did not know the specific contents of a specific document, the fact of its existence was a foregone conclusion, and that therefore the 5th Amendment did not apply.
I have to admit, I don’t quite follow that chain of reasoning, but like I say,the law is having a job keeping pace with technological change. It has been an interesting week, then… and I dont see the pace of change slowing down any time soon.
GÉANT Identity Federations currently have a lot of ongoing activities. Here is a summary of what we are working on, and the current status.
Federation Lab › Test Federation
Goal:
allow new SPs and IdPs to easily connect to a set of available entities that are available with no contract neccessary. Self-maintained.
Activity expected to be done April 2012.
Miro: Nothing to update.
Federation Lab › Monitoring and statistics
Miro: As I promised we’ve done preparations for using f-ticks with SSP in production in our federation. I’ll be able to report on that next month.
Federation Lab › SAMLtracer
A significant patch reveiced from Mark Dubrovnic. Some of the patches incorporated, some left. Including UI updates, and support for import export.
Some planned features: Notifications of SAML artifacts, support for IdP Discovery protocol.
Federation Lab › OpenID Connect
We’re making progress. In Februrary we’ll be able to connect the front-end test run UI with the backend test tool, and present to visible results.
There is an interop event in San Fransisco, then a new OpenID Connect meeting in Paris next to IETF. Roland is attending to IETF + Kantara meeting. Andreas might as well. We will have some demo available before that.
The backend test tool is able to produce test results for the initial simple test cases, it is tested against several OpenID Connect Provider implementations.
We’re planning on preparing test fascility for OAuth 2.0 in addition to OpenID Connect. That tool might be very useful for the VOOT work.
RedIRIS will perform an implementation of OpenID Connect that will be coordinated with the test fascility. RedIRIS already have experience and a library for Oauth 2.0, and will make use of that. They will also make an simpleSAMLphp module to make it very easy for enabling OpenID Connect support in an existing IdP or SP running SSP.
UNINETT has implemented OAuth 2.0, and tested against Leifs implementation. Some problems, but we made it work. OAuth 2.0 support will be integrated into Foodle, this spring.
SurfNet: Ready to exchange OAuth keys with Foodle, is ready to also consume groups from Foodle as a client. Will implement OAuth 2.0 in second half of 2012.
Renater: Has already completed sympa VOOT OAuth 1.0 based implementation. OAuth 1.0 based implementation is made publicly available. Prepared to test against Foodle and SurfNet. Working on OAuth 2.0. Exepcted to be ready March 2012.
SAML2int
The SAML2int profile is being transferred to Kantara Initiative: Federation Interoperability WG.
Scot is will apply some minimal changes contribued by Ian Young.
Federated Provisioning
Mads Freek have been hired by Wayf to work on – mostly – Stinus.
Stinus is the ‘Federated provisioning and de-provisioning’ project originally proposed by WAYF, SURFnet & JANET as per the enclosed pdf.
I expect to have a pre-poc up an running in week 6 and expect to update the description to reflect some recent changes – mostly the use of Gearman both inside core and as the protocol between Stinus components.
Working prototype within 2 weeks.
Wayf will ensure comatibility with connectors used from the Sun provisioning Framework, that also used in Netherlands. Wayf and SurfNet is in dialogue.
Remco has already done some work on Federated Provisioning, will also do much work in the year to come, but it will be funded by another project. Remco will share a deliverable related to the work on the mailinglist.
DiscoJuice
No updates.
Moonshot
Technology is settling down, more mature, and spec.
Most activity on supporting customers on piloting activities.
Piloting activities around these areas:
Classic e-Science fascilities. SSH access, visitors with physical access to console.
UK National Grid Services.
Cancer Research UK: for microsoft exchange, file sharing, etc. Large organization, divded into 5 institutes.
UK National Health Services. Interested in starting piloting.
Likely initial most important use case: federated login to regular desktops (between different, unrelated MS Active Directory domains), not just applications
Other topics
Hot topic: GEANT 3+
Convention in Madrid for activity leaders, 27th February.
Nat Sakimura has written a valuable post describing OpenID Connect in a nutshell. It shows by example how simple it is for relying parties to use basic OpenID Connect functionality. If you’re involved in OpenID Connect in any way, or are considering becoming involved, his post is well worth reading.
Nat Sakimura has written a valuable post describing OpenID Connect in a nutshell. It shows by example how simple it is for relying parties to use basic OpenID Connect functionality. If you’re involved in OpenID Connect in any way, or are considering becoming involved, his post is well worth reading.
So it seems that Facebook is trying to force Timeline on everybody. With all due respect, but this is plain stupid. I do not want to have a timeline, ever. I will try to stop this, but if they go through with this, I will likely end my presence there.
As indicated earlier, I am participating in my town’s information systems advisory board as a chair. Our proposal to move forward with a strategy to modernize the IT assets of the town received a big boost last night, when the Town Meeting approved an article to move forward with an initial assessment of the IT environment. The way ahead will be discussed in the next ISAC meeting, but we have indicated in the meeting last night, that we want to put out an RFP for this initial activity.
Industry events – Kantara members receive a discount at the following events, contact Dervla O’Reilly for the discount codes dervla[at]kantarainitiative[dot]org:
- The Smart Card Alliance 2012 Payments Summit - Feb 8-10, in Salt Lake City, Utah, USA
- HIMSS HIE Symposium 2012 – Feb. 20, 2012, Las Vegas, Nevada, USA
- Kantara Face-to-Face Meeting - April 13-14 - kindly facilitated by Fraunhofer SIT at their meeting facility, Garching, near Munich, Germany
- Kantara Summit at EIC Conference (detailed agenda to follow) – April 17, Munich Germany
Some services have experienced problems with ADFSv2 when using SAML2 authentication request scoping elements (IdP choice at the SP side).
ADFSv2 does not support SAML2 scoping.
WAYF has changed the handling of SAML2 scoping elements so that they are no longer conveyed to the IdP side, even though an authentication request is issued.
This behaviour is not in accordance with the SAML2 specifiation but is seen as a nessecary 'tweak' to allow ADFSv2 IdPs to function poperly.
As soon as ADFSv2 supports SAML2 scoping elements, WAYF will return to the behaviour described in the specification.
Today, after 7 months, Bradley Horowitz announced that Google Plus will accept some pseudonyms. Kinda. If you can prove you're already famous. And can convince their robot it looks like a name. However, Google Engineer Yonatan Zunger spills the beans in a comment on that thread:
First of all, you might ask why we have a names policy at all. (i.e., why we don’t simply go with the JWZ proposal) One thing which we have discovered, while putting some miles on the system, is that it is indeed important to have a name-based service rather than a handle-based service. This isn’t a matter of functionality so much as of community: You get a different kind of community when people are known as Mary Smith than when they are known as captaincrunch42, and for a social product in particular we decided that the first kind of community is the one we want to build. In order to do that, we want to establish a general norm that the names you put in to the system should be names, not handles.
So one thing that our name checking flow tries to catch is handles, which should normally be nicknames, shown in addition to a name. The other important thing it’s trying to catch is people who are creating individual accounts, rather than +Pages, for non-human entities such as businesses or organizations. The behavior of +Pages is deliberately restricted in the system, and we don’t want people to be creating fake human accounts to circumvent that. The name check turns out to be a very powerful tool to catch these.
Our name check is therefore looking, not for things that don’t look like “your” name, but for things which don’t look like names, period. In fact, we do not give a damn whether the name posted is “your” name or not: we will not challenge you on this basis, nor is there any mechanism for other users to cause you to be challenged for this.
There are two main cases where the name check screws up. One is false positives: people (such as you) who have unusual names which get flagged because they looked like handles. Being able to appeal via things such as drivers’ licenses is useful for this case, since it’s a simple “oh, we got this wrong.” The other case is people such as +trench coat, who are so well-known under this handle that it would be bizarre not to let them onto the system under this name. For this case, we allow appeals based on being well-known under the name: thus the ability to prove the “established pseudonym.” We’ve deliberately set the threshold for that latter case fairly high for now, but we intend to continue to tune it; the objective is that the frequency of such names should basically be the same as their frequency in meatspace.
So to answer your questions one-by-one:
(2) “Meaningful following” only applies to cases of established pseudonyms which do not look like names. The definition of “meaningful” is deliberately vague so that we can tune it, so that it behaves in a natural fashion.
(3) That’s correct; drivers’ licenses are for false positives, not pseudonyms.
(4) Unusual names will indeed hit friction, because of false positives. We’re trying to minimize that, but it’s going to take some trial and error.
(5) Google+ can absolutely be your first identity online. No matter what your language, no matter where you come from. The “established pseudonym” logic should apply to a very small subset of people. If some groups are seeing a higher false positive rate than others, that’s a bug, not a feature, and we have the data available to spot this situation and remedy it.
(posted in full, in case of subsequent retraction, and because G+ doesn't have permalinks for comments)
Yonatan admits what Bradley obscures:that this is an Identity Theatre issue. They don't want your name, They don't care if you have a forename in one language and a surname in another. Let me quote this exactly:
Our name check is therefore looking, not for things that don’t look like “your” name, but for things which don’t look like names, period. In fact, we do not give a damn whether the name posted is “your” name or not: we will not challenge you on this basis, nor is there any mechanism for other users to cause you to be challenged for this.
Google+ is letting an algorithm decide what is a name and what isn't. You will be forced into it's Procrustean idea of what names are, or be harassed for it. You have to pass as normal, like call centre workers forced to learn to sound American.
You can create disposable accounts with fake names, as long as they look plausible to Yonatan's bot.
Registration is open for the Kantara Initiative meeting April 13-14, 2012. Many thanks to Fraunhofer SIT who will facilitate us at their meeting offices in Garching, just outside Munich, Germany.
We invite you to join us at our 2-day event where Kantara’s Board of Trustees (BoT), Leadership Council (LC), Discussion Groups (DGs) and Working Groups (WGs) will convene.
Early bird registration is available until March 16, 2012. With our pricing structure, you can sign up for 1 day or the full 2-day event.
Please Note: Non-member Independents/Contributors/Students who register by the early-bird deadline are entitled to credit their meeting registration towards an Individual Contributor level membership.
I’ve been traveling a little bit last week, visiting a major customer in the UK (helping with their OpenDJ based directory service that has grown from 13 Millions entries to 17 Millions in a about 6 months).
Last week was also a busy week in term of news for ForgeRock. First, we’ve announced the release of OpenIDM 2.0, a major version of our real-time identity life-cycle management, provisioning and synchronization software product. OpenIDM 2.0 is a new release, but is already running in production at a few happy customers.
ForgeRock and Qubera Solutions have announced a partnership for the delivery of Standard-based Identity Services based on ForgeRock I3 Open Platform. Qubera Solutions offers workshops and migration tools to help former Sun Microsystems customers to move away legacy software solutions.
I’ve also came across a blog post from Martin Sandren, that positions ForgeRock as one of the challengers on the Identity and Access Management market. It’s an interesting reading and it looks like the previous announcement does start to address some of his concerns.
And finally, we’re expanding and therefore we’ve published a few job postings on our web site. I’m pretty confident that these are just a few to start with and we will have more, including some in our Grenoble Engineering Center.
In my last blog post I discussed the business reasons for auditing your server infrastructure. In this blog post I will walk you through various options to do auditing of servers, and some of the pros and cons of each.
Not long ago, Apple boasted that its products were made in America. Today, few are. Almost all of the 70 million iPhones, 30 million iPads and 59 million other products Apple sold last year were manufactured overseas.
Why can’t that work come home? Mr. Obama asked.
Mr. Jobs’s reply was unambiguous. “Those jobs aren’t coming back,” he said.
For computers, phones and tablets, it's hard to make a real premium product, as the economies of scale work so well - Tim Cook's Apple has closed in on PC prices by a focus on costs and suppliers, and by building fewer models and relying on Chinese flexibility to ramp them up.
The Gold iPad 2 had a huge premium price, but also weighed more the 3 times as much as a normal iPad.
Instead, what if Apple made premium USA iPads, MacBooks and iPhones? They could have a distinctive look, so people knew they were US made, focus on the higher-end models, and charge a premium markup for the warm glow of supporting US jobs.
How much more would it cost? Hard to say, according to the NYT:
It is hard to estimate how much more it would cost to build iPhones in the United States. However, various academics and manufacturing analysts estimate that because labor is such a small part of technology manufacturing, paying American wages would add up to $65 to each iPhone’s expense. Since Apple’s profits are often hundreds of dollars per phone, building domestically, in theory, would still give the company a healthy reward. [...] Another critical advantage for Apple was that China provided engineers at a scale the United States could not match. Apple’s executives had estimated that about 8,700 industrial engineers were needed to oversee and guide the 200,000 assembly-line workers eventually involved in manufacturing iPhones. The company’s analysts had forecast it would take as long as nine months to find that many qualified engineers in the United States.
In China, it took 15 days. [...] A few years after Mr. Saragoza started his job, his bosses explained how the California plant stacked up against overseas factories: the cost, excluding the materials, of building a $1,500 computer in Elk Grove was $22 a machine. In Singapore, it was $6. In Taiwan, $4.85. Wages weren’t the major reason for the disparities. Rather it was costs like inventory and how long it took workers to finish a task.
Compared the the huge price disparities for other goods, these seem modest; for example, Timoni found a nice carry-on bag recently:
Couldn't find carryon I wanted. Then found a nice one: "This is good, I could get this." Price? $8,000. *doh*
So here's my proposition for Tim Cook: Reopen the Elk Grove Apple factory to sell top-line Apple products, designed for those who want 'designer' luxury goods, and are willing to pay more for exclusivity. Make the 'made in USA' a key argument for a premium price. that way you need fewer staff than in China, and paying them well just adds to the cachet of the devices. You could cover them in Jasper Johns Flag, visibly number them as a limited edition, or come up with something more creative. As a way of extending the product line to a new, higher price point, while quieting those who wish Apple did more in the US, it seems an a obvious move.
The hot topic in IT (and beyond, for many organizations) in 2012 will be Security, including all its facets such as Identity and Access Management, SIEM (Security Information and Event Management), Anti-Virus and IDS/IPS (Intrusion Detection/Prevention Systems), and all the other components. That will also give the GRC market (Governance, Risk Management, Compliance) another strong push, because GRC tools are increasingly used to define and manage security controls in a consistent way. GRC is becoming the business interface to security management, translating the complex information for the business and providing a consistent insight. This consistency is mandatory for a holistic view on increasingly complex attack scenarios.
The reason why security will be the topic in IT this year is simply that the number of attacks from the Internet is increasing. In popular terms this frequently is named “cyberwar”. However, most of it isn’t war; most of it is organized crime. So we should be careful with the term “war” in that context. Nevertheless, there are more cyberthreats than ever before. More precisely, there are many groups of attacks on the Internet. Governments are attacking other countries – as (most likely) in the Stuxnet case. Hacker groups are attacking states and industries, as in the recent Symantec source code leak, which appears to have been an attack of an Indian group of hackers against an Indian government agency or in the recent Anonymous attack targeted against the finance industry. And many different groups, from nation-states to politically-inspired hacker groups to organized crime, are attacking companies. The reported numbers of large companies having been attacked in 2011 is coming close to 100%. There is an increasing number of attacks against SCADA (Supervisory Control And Data Acquisition) systems, i.e. systems controlling industrial environments and the likes.
There are different motivations of attackers. There is the “war” part, which most likely runs as part of a bigger “hidden war” (think about the recent killing of an Iranian expert from the nuclear industry) for example between Israel and Iran. There are the criminals, looking for money. There are the hackers, looking for honor and glory, for acceptance, for domination; following their social or political targets, they are also attacking a lot of different targets.
Regardless of the motivations, the game has fundamentally changed during the past two years. And I’m convinced that what we see is only the tip of the iceberg – and only the beginning. However, in 2011 not only the threats have increased but also (fortunately) the awareness of organizations has increased as well. Nevertheless, there is a significant gap between the level different attackers have reached and that of the potential targets. So the potential targets have to react and invest in security.
As I’ve written in several of my other posts, especially around SIEM and the need for holistic security concepts, it is mandatory to address the growing security challenges with a holistic perspective. APTs (Advanced Persistent Threats) are proving that attacks are getting more complex and sophisticated – and that there is no way to counter them with a single layer of security.
If you want to learn more about these issues, EIC 2012 is the conference to attend. See you in Munich in April.
A question that has been coming up a lot lately is how does one send a SAML bearer token to downstream WCF service? In each of the recent cases, a front-end app was being presented with a token that it needed to convert to SAML before calling the back-end service. To do this, the Web app would send the incoming token or some other credential to an STS, get the SAML token back, and include it in its request to the next service as shown in the following sketch:
To create such a system using .NET requires certain config on the client and server, so I'll enumerate what's required on each. At the end of this post, you'll find links to other blog entries w/ more detail and a link to download a sample project.
Use the WS2007FederationHttpBinding binding w/ transport security (as in the client)
Like in the binding of the client, set the Message.IssuedKeyType to SecurityKeyType.BearerKey
Make sure it's expecting the assertion to be signed by the cert of the STS (by wiring up an IssuerNameRegistry that will check)
Configure the audience restriction to be the same one included in the SAML assertion
If you're self-hosting your WCF service on Windows 7, check out this write up from Aviad P. about using netsh to configure HTTPS. (This was the part of all this that took the longest for me. Grr!)
If after reading the above, things aren't quite clear yet, check out these blog posts for more details:
I've been pretty focused recently on Access Governance and specifically how large organizations can get their arms around the problem of access as it relates to unstructured data (mostly file systems and SharePoint). Most of the people I speak to who have responsibility for answering the related tough questions are simply overwhelmed by the sheer size and complexity of the challenge.
It led me to consider that there are a different set of tasks I'd recommend to those people than I might to someone who has a somewhat more mature access governance program. So, I started documenting an Access Governance Continuum; a maturity model of sorts that discusses how to tell where you stand and what the ideal next steps might be. A whitepaper is in the works, but essentially it looks something like this:
Confused > Planning > Cleaning > Maintaining
To illustrate a few examples:
In the Confused stage, you might want to run scans to identify open file shares. In the Planning stage, you'd be identifying data owners / custodians for those shares. In the Cleaning phase, you'd be working to clean up trouble spots and diving deeper based on what you've found. And in the Maintenance stage, you'd be automating some of the cleanup based on business rules.
This is all based on real-world projects, what has worked for the world's largest organizations, and how that knowledge translates to a mid-market need for pragmatic solutions.
This week was my first as SOA Working Group co-chair, and interesting it was:
hData was confirmed to be published as a DSTU with the reconciliation package posted and the specification out. This really wraps up the first stage of standardization with OMG and HL7 now having the respective specifications in early adopters mode. The next step will now be to move ahead, try them out, and fix all remaining kinks.
With hData, FHIR (aka RFH), and CIMI pushing further into the direction of exchanging simplified partial model graphs, it becomes really important to fully understand and advertise the implications of services in healthcare. While documents and messages have their established place in the world of health IT, services can enable a much more fine-grained level of access to clinical information.
In such a service context, more granular access restrictions on individual data elements or partial graphs can be realized through element or paragraph-level tagging of data. The tags can describe an elements level of sensitivity or establish special information compartment e.g. for Title 38 categories.
CTS2, the Cross Paradigm Interoperability Implementation Guide for Immunizations (CPIIGI – or ‘cross piggy’), and of course FHIR also had a pretty successful showing at the meeting.
Next steps are to create the ballot material for the Medication Statement Service, likely using the RMIM for Medication Statements and perhaps even the Medication Administration as payload. Furthermore, Grahame and I are scheduled to meet in mid-February to discuss how FHIR can create hData Content Profiles for FHIR resources, harmonizing these two approaches. Furthermore, I will work with John to discuss how the emerging IHE for mobile activities integrate with hData. And last, but certainly not least, I will hopefully get the chance to work with Mike on Data tagging for Health IT. This activity would be really great, since it would tie a number of different projects I am working on together.
I'm excited to announce that I am running for one of the available OpenID Foundation Community Board seats. While I've been a long time advocate of OpenID and open identity solutions in general, this is my first time seeking to serve the identity community is such a role. My self-nomination is now up in the OpenID Foundation Membership area. If you are so inclined, I'd greatly appreciate your "seconds" to make me an official nominee and of course your votes in the upcoming elections. :-) Here is my self-nomination statement:
I am an advocate of open identity solutions for the Internet and I believe that OpenID Connect has the opportunity to be a key identity protocol for the Web.
I have a long history with OpenID, starting with AOL (my employer) being one of the first major identity providers to support OpenID 1.0. I contributed to the OpenID 2.0 specification along with a number of the OpenID 2.0 extensions. I’m now an active contributor to the OpenID Connect specifications. In addition, I have experience participating in a number of industry standards organizations (OIDF, IETF, OASIS, Kantara Initiative) working on identity related protocols and specifications.
As a member of the OpenID Foundation Board, I will work to ensure both technical excellence in the specifications and broad adoption of the OpenID protocols.
My book, The Live Web: Building Event-Based Connections in the Cloud, has been released and is on Amazon. Having the book actually available is great, although slightly anti-climatic after the thrill of just being done last November. :)
Buying the book: If you are going to order a copy from Amazon, do be a favor and order it on Friday, January 13th. I'm trying to get the book to move up the rankings--if only for a day.
Here's an excerpt from the Introduction:
For many years, pundits have foreseen a world in which everything will be connected to the Internet. We're getting there. We now have Wi-Fi--enabled refrigerators, thermostats, and bathroom scales. But what happens after things are online? Will they merely connect to the Internet or will they connect to each other?
Connecting everything we use--products and services--to each other is a powerful idea. An idea that is bigger than mobile and social. Mobile's big because everyone is connected all the time. Social is big because we're connected to each other. Connecting us to everything around us is the next step.
Connecting our things to each other and setting them to work on our behalf is transformative. Imagine a world in which your phone automatically mutes the ringer when you start watching a movie. Imagine a world in which your alarm clock sets itself based on your schedule and other information like the weather, the traffic, and your past behavior. Imagine a world in which the mundane parts of business travel or scheduling an appointment with a new doctor are automatically taken care of according to your preferences. That world is the Live Web.
The Live Web: Building Event-Based Connections in the Cloud is a book about specific concepts, architectures, and technologies you can use to build Live Web experiences. This book is not easy; it requires that you think about Web programming from a brand new perspective. That's hard for any of us. I have no business asking that of you unless there is a big payoff. There is: I believe the ideas and techniques in this book will help you build brand new types of Web experiences unlike those you can create using traditional Web technologies or languages like PHP or Rails. Don't let this intimidate you. While this book asks a lot, the ideas are familiar and their application is engaging and fun.
The premise of this book is simple, but profound: The Web of the future--the Live Web--will link our lives in ways we can hardly imagine..and you can start building that Web today. While the request-response programming model we've been using has led to incredible applications and services, we can do more with a new model that complements--rather than replaces--the thinking that has led us so far. That new model is based on events.
Whereas today's Web sites are about users interacting with relatively static pools of data, the cloud is giving us a brand new kind of data: data that is flowing, moving, and real-time. Data that links sites and services together. The cloud is about way more than just APIs to data and services--as important as that is. At its best, the cloud creates real-time interactions enabled by streams of data. The problem is that this kind of data doesn't look like a request. Consequently using the tried and tested tools we've used to build Web services won't take us where we need to go. Event-based interactions are the perfect model for taming these rivers of dynamic data and creating applications that make the most effective use of them.
Event-based applications are more loosely coupled than those built using a request-response model. I cannot overstate the case for loose coupling. As we move to a world in which more and more applications must coordinate their actions on our behalf, there is simply no way that we can pre-plan and orchestrate all the required interactions between them. Using systems that are supportive of and are architected for loosely coupled applications will play an important role in enabling the cloud-based future we envision.
This may seem a little overwhelming, but I have a secret weapon to help you out: a new programming language. I know what you're thinking, "Wait, I've got to think differently about the Web and learn a new language too!?!" But in fact, I think the language helps, rather than hurts.
Tools shape how we think and work. I learned long ago that the best way to think differently about a problem is to create a nomenclature that describes and illuminates the new domain. In this book, you'll use a language called the Kinetic Rules Language (KRL) to channel your thinking for this new model. KRL will lead you into the world of event-based programming on the Web.
KRL is a rule-based language that is custom built for the domain of event-based applications that operate on real-time data in the cloud. KRL was designed from the ground up with events and the cloud in mind. KRL provides a number of familiar touch-points for users already accustomed to Web programming and JavaScript, but provides a framework for making the most of an evented Web. While KRL is open and runs on an open source rules engine, you can get started with it right away using a cloud-based service.
While the ideas and techniques in this book can be implemented in any language, there is significant value in using a purpose-built language to guide our thinking. Remember, the ultimate value you will gain from this book isn't learning any specific programming language, but in forcing your thinking down a new road--one in which events, rather than requests, reign supreme.
I'm very pleased with how the book turned out and extremely excited about the ideas in it. I hope you'll read it, comment on it, review it, and try the ideas out. Undoubtedly, the future will turn out different than I've envisioned it, but I think we have an obligation to try to influence the design that emerges. The Live Web is my best thinking about how to do that.
Update: Some people have asked about a Kindle edition. There is a Kindle edition coming, but I don't know when it will be available.
The flower stores in a large city have established an agreement with local independent van drivers to deliver flowers from the city's flower stores to their destinations. When a store gets a flower delivery order, it creates a request, which is broadcasted to relevant drivers within a certain distance from the store, with the time for pick up (typically now) and the required delivery time if it is an urgent delivery. A driver is then assigned and the customer is notified that a delivery has been scheduled. The driver picks up the delivery and delivers it, and then person receiving the flowers confirms the delivery time by signing for it on the driver's mobile device. The system maintains a ranking of each individual driver based on his or her ability to deliver flowers on time. Each store has a profile that can include a constraint on the ranking of its drivers, for example a store can require its driver to have a ranking greater than 10. the profile also indicates whether the store wants the system to assign drivers automatically, or whether it wants to receive several applications and then make its own choice.
If you follow my blog, you'll know I have a particular view of evented systems based on distributed event processing taking place on event networks that are owned and run on behalf of particular entities. We call these personal event networks. In addition to writing a book on the subject, I've described personal event networks in various articles on this blog over the last six months:
N.B. If you're in my CS462 class, it wouldn't hurt to read them all. :)
Consequently, as we implement the flowershop example in my class, we're going to do it with a personal event network twist. The result looks something like this diagram:
In the preceding diagram, there isn't one event system that manages the interactions between the shops and the drivers. Rather, each driver has their own personal event network, each shop has their own personal event network, and the guild has one too. The interactions aren't simply events raised within a single event network, but rather events raised between the networks of each participant. I've shown some of the apps that drivers, shops, and the guilds have installed on their personal event networks, but they would each be individually managed and configured. In fact, it's reasonable to assume that different drivers or shops might use different apps for the same purpose as long as they understood the events.
The various personal event networks are linked together via event subscription. For example, a driver might subscribe to the delivery_ready event from each of the flowershops she wants to drive for. A driver who has a bad experience with a particular shop, merely unsubscribes from that shop's delivery_ready events and never sees them again. Similarly, a shop that doesn't like a particular driver can merely unsubscribe from them and no longer do business with them. I'll be posting an example soon that shows how event subscription works in a personal event network. There are lots of details to work out and this blog post isn't the place for them.
There are design choices to be made in this system. For example, there's a "direct" arrow in the diagram indicating that shop and driver personal event networks can communicate directly. But the guild may chose to intermediate the interactions. In class, we're going to be implementing the system with a direct connection first and then re-plumb the entire thing to use the guild as an intermediary. Intermediaries introduce interesting dynamics, making many things easier and increasing flexibility.
Overall, this example isn't terribly different from the fourth-party ecommerce example I wrote about last June except that example featured hardwired connections between the shopper and the merchant rulesets. In contrast, this example uses the idea of event subscription to link merchants and customers. Event subscription takes the fourth-party example from a nice little demonstration to a conception of how VRM could work in the real-world. The diagram shown above can be partitioned to illustrate this:
Together with our ideas about how notification occurs and how personal data can be managed in personal event networks, event subscription creates a powerful system for enabling a completely new kind of interaction between vendors and customers (note that in this example, the flowershop is the customer who is negotiating for and buying delivery services from the drivers).
The Honorable Orrin Hatch
104 Hart Office Building
Washington, DC 20510
Fax: 202-224-6331
Dear Senator Hatch,
I'm writing to express my opposition to the Protect IP Act (PIPA). I have a PhD in Computer Science, have taught Computer Science at BYU, started several high-tech businesses in Utah (one of which, iMall.com, sold to Excite@Home in 1999 for $450 million), was the CIO for the State of Utah under Gov. Michael Levitt, and am the Precinct Vice-Chair in Lindon 04.
I'm pleased with Sen Reid's decision to postpone the vote and with your recent opposition to PIPA. However I'm still concerned that the thinking that led to PIPA will lead to other equally bad legislation in the future.
The problem with PIPA and similar legislation is that it looks at copying as a feature of digital goods that can be selectively disabled. In fact, everything I know about computer technology leads me to believe that copying will only get easier and easier as technology progresses. We will never again live in a time when copying things is as difficult as it is now. And this will be true regardless of the laws we pass because copying is fundamental to the nature of computers and digital goods.
Consequently, efforts to make copying more difficult by technical means (such as the DNS blocking provisions in PIPA and SOPA) hurt legitimate uses of technology while leaving those who would copy without permission plenty of ways to circumvent those measures. You cannot plug this hole by hobbling the Internet and also be a proponent of economic growth. Those positions are incompatible.
I believe that the answer lies in enforcing existing laws in the courts where the accused are afforded due process and in working with other nations to create legal regimes wherein the guilty can be tried and punished. There are no technical shortcuts that will solve this problem.
I'd be happy to discuss this matter in more detail. I look forward to seeing you at the convention.
It is interesting that when I talk to IT professionals and ask them about their security and compliance requirements for their server infrastructure that in some instances IT pros tell me that auditing their server infrastructure doesn't apply to their organization or they can kick the proverbial can down the road. I can understand that sentiment if their organization was a small-to-medium sized business that may not be a public company and have to deal with SOX, or not in a well regulated industry that has to deal with HIPAA or FERC/NERC, but when an larger organization that is in a regulated industry states that they don't need auditing on all their servers it seems a bit of evangelism is needed to get customers to realize that it is in their best interest to do so. I would also argue that this same evangelism should be considered by smaller organizations. In this blog post and a few others to follow I am going to talk a bit more about auditing, and in this one will discuss the business needs for auditing your servers.
One of the big takeaways for me from this January HL7 meeting is a much better realization how the organization sees clinical documents and messages, and how they relate to distributed services. What I did not realize was how the terms “message” and “document” have a very special meaning in HL7. Specifically, messages and documents in HL7 are expected to establish the context of the exchange, based on the data and metadata found in the message or document wrappers.
In the past, I have made the mistake of talking about simplified content for hData at the leaf resources (“Section Documents” in hData lingo), and reference to this content using terms like “document” or “document parts”. This prompted strong opposition from CDA supporters, who claimed that “document parts” would be inherently unsafe, since they might leave out critically necessary context information. As such, any document or message moderated health IT exchange cannot simplify its content model without performing a “no-harm” analysis.
This is not true for a service-based exchange: the service contract and deployment parameters are the overriding functions that establish the context for any given client-service interaction. A very good example for illustrating this is sending textual information to your political representative: To get information to Senator Alice, you can do this by sending a RFC 822 compliant string of characters (i.e. “To: senator.alice@example.com …”), but for Senator Bob you can use a web application that offers a textbox for sending your letter. The former approach is akin to a V3 message, the latter is more like RLUS/hData services.
Simplification
It now gets interesting when you take the RFC 822 formatted message to Senator Alice and paste it into Senator Bob’s textbox, i.e. you use the service to transport the message. The message will – obviously – not be sent to Senator Alice, but instead end up on Senator Bob’s desk. While this simplified analogy leaves out some details, it shows how metadata for one exchange mechanism are not necessary for another. Any different assumption may lead to unexpected (and most often undesired) results.
As a result, service are -other than messages or documents- able to exchange partial clinical model graphs without needing to include wrappers provided by standards like HL7 V3 or CDA. With proper documentation in the service contract, the wirelevel serializations of these graphs can be made relatively simple, so that standard code development tools (including things like SimpleXML) do not get tripped by the complexity of the format.
Last week, we flew everyone in Ping to Denver from around the globe to celebrate 2011 and kickoff 2012. We only do it when we hit our stretch goals, so we celebrate as if it were our last time all being together physically as a company. Certainly as we've grown, the logistics have become more significant, but what a week it was. One for the history books here at Ping for sure.
Here are a few highlights of 2011 and then some pics from the week.
Surpassed $100 million in lifetime sales
200 New Enterprise Customers
2 of the 3 largest U.S. hospital conglomerates
3 of the 5 largest U.S. health plans
4 of the 6 largest U.S. banks are now customers of Ping Identity
42 of the Fortune 100
61 new SaaS companies leveraged Ping for cloud identity integration
200% growth in EMEA and new Asia Pacific and Japan sales offices
Lucy Lynch is the Secretary & Treasurer for Kantara Initiative. Lucy has been involved with Kantara since it’s inception in 2009.
Lucy is Director of Trust and Identity Initiatives with the Internet Society (ISOC) and her role is to examine some of the major issues affecting the Internet and to develop projects that will address those problems. Prior to joining the Internet Society, Lucy worked at the University of Oregon as a member of the Academic Computing and Network Applications Group. Her assignments with the University included work with the Network Startup Resource Center (NSRC) – a long-time partner with the Internet Society in bringing network technology and education to the developing world.
In addition, she has been an active participant in both the North American Network Operators Group (NANOG) and the Internet Engineering Task Force (IETF) and recently completed a term as Chair of the IETF Administrative Oversight Committee (IAOC).
Lucy holds a Master’s degree in Mass Communications from the University of Oregon and has a long history of service in non-profit organizations ranging from mental health counseling to a hands-on science museum. She has been a grant writer, project manager, and a computer programmer. She also once managed the Flying Karamazov Brothers (www.fkb.com/) and hopes to put that unique non-linear managerial experience to good use as she directs new efforts for the Internet Society.
Lucy lives in Eugene, Oregon, USA and travels extensively for work. When not traveling Lucy likes reading books and enjoying the outdoors.
We’re very happy to have Lucy leadership and knowledge.
SOPA and PIPA are bad laws. And Clay Shirky's TED talk about why they're bad laws is great. But he gets the most important point wrong. Right at the end, he says there are two things you can do.
He says you can call your Congresspeeps, and you can "get ready", because more is coming.
But there aren't two things you can do. There are three. And the third thing is much more powerful than the two things Clay suggests.
You can make SOPA, PIPA, Copyright, and the Media moguls of the Hollywood studios, the music labels, the MPAA, and the RIAA irrelevant. You can cut off their air supply.
You can make your own media, and you can make it free.
And why wouldn't you? It's not like the media that's being made for you - for which the RIAA and the MPAA are willing to break the Internet and put you in jail - is any good.
Today's media is SHIT.
Are you dying to see "April of the Penguins" and "The Taking of Pelham 1-2-3D"?
Can you NOT FUCKING WAIT for the latest Justin Bieber disc?
(If you said "yes", you are not the target audience, and you are not the future. Please leave.)
I've said it before, but it bears repeating. This stuff is NOT WORTH STEALING. The RIAA and the MPAA want to break the Internet to protect Britney Spears and "Alvin and the Chipmunks: Chipwrecked". SRSLY.
You can make your own media, and you can OBVIOUSLY make better media.
My sisters and I made this in 48 hours with one iPhone, one iMac, and software that cost us zero dollars. You can do MUCH MUCH BETTER. (We can too, and we will).
A modern $300 point-and-shoot camera will take hi-def video whose quality would have made Orson Welles cry. A new Mac comes with iMovie and Garage Band FREE. These apps will let you do things a Hollywood studio would have spent millions of dollars on only a decade ago. Robert Rodriguez' 10-minute film schools are on YouTube and will teach you everything you need to know - IF you have a story to tell and a bit of talent.
So why do you pay $12 for a movie ticket to see some hack's cynical sequel to a sequel when you could make movies yourself and share them for free on YouTube or Vimeo?
Because you're lazy and afraid.
If enough of you shake off the fear and lethargy, you can make the Internet a BETTER place to watch movies than the theater: not just a cheaper place, but a BETTER place. Better because the stories are better and better because the viewing experience is better (no DRM, no lawyers, no restrictions on where a movie can be viewed, no need to wait for a movie to be "released" in our towns).
And you know what's even better than that? If you DO make the Internet a better place to watch movies than the theater, you'll also make it a place where the people who MAKE movies get paid. Which would be great, because the current system doesn't pay people who make movies: it pays people who finance movies, distribute movies, and lobby Congress to make sure watching movies stays expensive.
Here's all it would take. You'd get your ass off the couch and write down that story you think really needs to be told. You'd take in a few online tutorials - maybe Dan Allen's short-film and FCPX tutorials (look for iMovie tutorials if you're cheap), and a few GarageBand lessons. You'd read David Mamet's wonderful short book On Directing Film. And then you'd dust off your DSLR or your digital point-and-shoot camera and go out and make a movie.
You'd upload that movie to YouTube or Vimeo, and you'd give it a Creative Commons Attribution Share-Alike license so anybody could embed it, show it, or download it and remix it to create their own works for free.
You might make a really great film. If you do, you might get paid for it - or not, but you'd still have made a really great film. But - and this is the important point - NO MOVIE STUDIO WOULD GET PAID FOR IT. AND NO MOVIE STUDIO LAWYER WOULD BE ABLE TO THREATEN TO TAKE A WEBSITE OFF THE INTERNET FOR HOSTING IT. AND NO MOVIE STUDIO LOBBYIST WOULD BE ABLE TO BREAK THE INTERNET TO PREVENT OTHERS FROM RIFFING ON IT.
If enough of you do this, the movie studios will have less money. Less money to make shit movies, but also less money to pay lobbyists to pay Congressmen to break the Internet.
And if that happens, Clay's fears won't be realized. There won't be another SOPA waiting for us down the road.
But of course, you'd have to get your ass off the couch.
The cloud is here to stay. Organizations are reducing costs, streamlining operations, leveraging Software as a Service (SaaS) applications (the cloud, that is) more than ever before — and there’s no end in sight. Sure, the cloud is part of the modern enterprise infrastructure, but are organizations’ access risk strategies accounting for all the apps they have in the cloud? It’s already challenging to identify, quantify and manage access risk without solutions in place that can help, and now doing business in the cloud adds another degree of challenge as to how organizations can protect themselves.
Here’s a common scenario. An employee leaves the company on his own, or is terminated. So, you shut off access to his accounts, applications and fileshares. You think you’re good to go. But what about his accounts in the cloud? Do you know for a fact that he can no longer access his old salesforce.com account? If you’re not emphatically saying “yes,” you have a problem. If he has access to his old account, you’re inviting him to access your company’s assets — Personally Identifiable customer and employee Information (PII), intellectual property and other critical data.
We’ve all heard stories about former employees stealing critical information, uploading deadly viruses, or embezzling funds. But many, if not all of these incidents might have been prevented had those companies had better access risk management controls in place.
Most organizations focus their access risk strategy on on-premise applications, yet they still want to take advantage of cloud-based offerings to reduce operational costs and streamline processes. Some are actually moving mission-critical applications and data onto cloud-based platforms without considering the access risk implications. Regardless of whether the apps are on-premise or in the cloud, companies need to apply the same level of identity and access governance to all applications and mitigate their access risk to keep their business secure. So how are they doing it?
Cintas Corporation has the right idea. The international provider of corporate identity uniforms, safety equipment and training didn’t want to end up as another headline in a long series of highly public data breaches so they chose CourionLive™, the SaaS version of the Courion Access Risk Management Suite, as their identity and access management (IAM) solution. Now they have a fast, easy-to-implement, highly secure and redundant solution for managing their user access privileges to vital IT systems. They‘ll be able to automate manually intensive, repetitive IAM tasks like user provisioning, password management and user access certification, and increase operational efficiency while reducing their overhead.
The American Red Cross had the same idea. They needed a way to provision access to the Microsoft Office 365 cloud computing platform for their full-time employees, contractors and volunteers as part of an organization-wide initiative. They wanted to streamline their operations and reduce system costs by turning numerous email systems into one global communication system. As one of the largest Office 365 implementations how are they managing access risk for their cloud-based solution? Courion’s Access Risk Management Suite. It enables the Red Cross to improve security and mitigate access risk across their entire organization, while providing a fast time-to-value alternative to complex, expensive conventional identity and access management (IAM) solutions.
While mitigating access risk arising from cloud-based applications can be challenging — when you have the right solutions, it doesn’t have to be. And you’ll be good to go.
Auch wenn häufig viel zu leichtfertig der Begriff "Cyberwar" verwendet wird (denn Tote gibt es nur im wirklichen Krieg) - die Bedrohungslage durch Online-Kriminalität ist immens geworden. Security Information and Event Management (SIEM) stellt Ihnen wirksame Mittel dagegen zur Verfügung und hilft Ihnen dabei nicht mehr nur rein reaktiv tätig werden zu können. In diesem Webinar sprechen wir mit Ihnen über neue Herangehensweisen in diesem Bereich. more
JSON Web Signature (JWS) – Digital signature/HMAC specification
JSON Web Encryption (JWE) – Encryption specification
JSON Web Key (JWK) – Public key specification
JSON Web Algorithms (JWA) – Algorithms and identifiers specification
They are refactored from the previous individual submission versions to move algorithms and identifiers into the separate JSA specification, per the working group charter. Also, per the working group’s input, the terminology usage has been changed to no longer call both digital signatures and HMACs “signatures”. The JOSE versions contain no normative changes from the individual submission versions.
Company culture is extremely important to us at Identropy, as we have written about in the past. It's what makes us who we are, and a big reason why many of us have come together here. It's also been cited by customers as a reason for selecting us, and by the VCs who have invested in us.
One of our big influences is the book 'Drive' by Daniel Pink, which has not only helped formulate our approach to work, but also gave us our Fedex Day ritual. You can check out the post Ash wrote about the success of Identropy's first Fedex Day here. Two weeks ago, we had our third Fedex Day at our quarterly in Austin, and it was not only hugely successful once again (have you noticed the slick makeover our website got, for one?), but incredibly inspiring. The camaraderie it builds in a team as geographically dispersed as ours is invaluable. And we can't wait to showcase the outcome of the projects we did, so stay tuned to this space.
In the meantime, I wanted to share the video below which does a simply brilliant job of presenting - in a visually arresting and cool way - the core idea in Drive, which is that we should incentivise people by giving them purpose instead of rewards. Apparently this was the video that started it all for Ash, Frank and the rest of team Identropy (even though I only came across it today). Check it out.
Love is officially “stupid,” finally edging out “blind” on the strength of password sharing among lovelorn teens.
This from the New York Times today, a story that teen couples are showing their love for one another by sharing their passwords. And not just for one application, but wherever their digital lives take them: e-mail, Facebook, Twitter.
You laugh at their naïveté, but remember some of these teens will be your employees in four years – maybe less. Perhaps your junior executives within the next six years.
Old habits die hard, especially when socialized at such a young age. And they look like a giant liability when they find their way onto your network. It's not just sharing passwords, but the nonchalance towards snooping through another person's account - "authorized" or not. A lover's today, a friend's tomorrow, the boss's after hours.
To protest SOPA I am sharing this content (that is not my original material).
p.s.
I am also advocating for Freedom for Scotland, Voice Activated for native Scottish speakers, funny videos, and purple unicorns. <— their real … go check Wikipedia…
Planet Identity is an aggregation of public weblogs related to Identity
Management.
The opinions expressed in those weblogs and hence
this aggregation are those of the original authors.
![[Technorati links]](cosmos.gif)
. It is, believe it or not, a "common" name for me as the G+ "requirements" call for. Just like it is common for BotGirl Questi to be called that when she is in that persona online. Botgirl has the 
As indicated 
Amazonで買う
In the past, I have made the mistake of talking about simplified content for hData at the leaf resources (“Section Documents” in hData lingo), and reference to this content using terms like “document” or “document parts”. This prompted strong opposition from CDA supporters, who claimed that “document parts” would be inherently unsafe, since they might leave out critically necessary context information. As such, any document or message moderated health IT exchange cannot simplify its content model without performing a “no-harm” analysis.
The cloud is here to stay. Organizations are reducing costs, streamlining operations, leveraging Software as a Service (SaaS) applications (the cloud, that is) more than ever before — and there’s no end in sight. Sure, the cloud is part of the modern enterprise infrastructure, but are organizations’ access risk strategies accounting for all the apps they have in the cloud? It’s already challenging to identify, quantify and manage access risk without solutions in place that can help, and now doing business in the cloud adds another degree of challenge as to how organizations can protect themselves. 
Company culture is extremely important to us at Identropy, as we have 
![[Feed]](feed-icon32x32.png)
![[FOAF Subscriptions]](foaf.png){kind=small}
![[OPML Subscriptions]](opml.png){kind=small}
![[Venus]](venus.png)
![[Valid Atom 1.0]](valid-atom.png "Validate my Atom 1.0 feed")