![[Technorati links]](cosmos.gif){kind=small}
Congrats to our former client SkyGrid on finally giving away your service - to normal people.
Its great to see Dave Winer thinking about using RSS for real-time purposes. That’s what I assumed would happen 12 years ago, hoped would happen 8 years ago, tried to make happen 5 years ago, assumed would eventually happen 2 years ago, finally gave up on worrying about it last year and sure enough - maybe it’ll happen.
Chris Messina (new member of the OpenID Foundation board) = “Perception and Reality in the land of OpenID”. Now that Chris is on the board, lets hope that OpenID’s brand can morph into a solution, not some techy geeky thingie. Most normal people think OpenID is the solution and just by “using it” all their issues will go away. HAH!
Its great to see Doc waking up to two facts a) Facebook is the Borg - b) it can be a useful and compelling Borg. As Michael Arrington says “closed systems are not necessarily bad”. I agree. Now we just have to open up Facebook - more.
It was 25 years ago this month I attended the Mac unveiling at Moscone. The earth shook (there was an earthquake) and I was getting married, so I convinced my new father-in-law to invest $100,000 into our new company - MacroMind. I was helping out the Wm. Morris Agency at the time - by introducing a book agent - Ned Leavitt - to a bunch of bylines, like John Dvorak and Jerry Pournelle. They asked me to become an agent, and I told them I’d rather be a client.
Did I ever tell yah my friend Pierre won a technical Oscar? His company Re:Vision does special effects plugins. Here he is with his partner Pete in an article in Creative Cow.
Pierre and his wife Ami Sun are one of my last connects into my prior life as a multimedia dude.
As time moves on and computer graphics and special effects make it more and more into mainstream, it’s great to see innovation and good people still get over.
Smarts is something you can’t fake.
Nepotism can’t get you there.
Or insider game politics.
Just quality and hard work. And then some of them get Oscars.
I asked Tim Draper why I should plug his new blog? He’s never invested in me, shown any interest in what we’re doing or our open efforts. So why plug a VC? Cause he’s into his family!@#! We need more VCs who are human.
Is the U.S. Senate Un-American? (from my father’s old partner Don Rose)
Beyond the API: Why companies should have a presence on all major platforms. I agree. However I disagree that AIR is important. Adobe sucks and they can’t be trusted.
Got this coolio laptop pillow from the kind folks at Intelligent Forms.
Send more free stuff!
But don’t expect me to say nice things. This pillow thingie is coolio, but a bit weird to get used to. I probably wouldn’t buy one myself - but that’s just me. It’s geared towards sitting up, and I do all my laptop computing laying down.
…when you didn’t get what you wanted.
Eli and I went to a potluck dinner in Seattle last night, hosted by Kaliya and also attended by, among others, Drummond and Gabe. That was the good part — a great time was had by all, and Kaliya was a gracious host not only during the dinner party, but also when we showed up on her doorstep twice (evening and morning) after failed departure attempts.
Here are some of the many lessons we learned in the last handful of hours:
With luck, we’ll be able to extract our car later today. I didn’t have the heart to take pictures, but if you want to see dramatic images of the white stuff further north, try these.
And to think we moved from Boston to Seattle exactly four years ago yesterday for some snow relief. :-)
Phil Windley has this interest post about the cost of bulk cold storage. He relates this definition of engineering:
I often say, quoting Pat Taylor, one of my professors in my undergraduates days in metallurgical engineering, that an engineer is some one who can do for a dollar what any fool could do for two. Of course, building performant, efficient code is part of this, but so is understanding the cost of bulk storage and other resources and using that in the trade-off.
I love that definition.
I often quote the engineering definition of Professor Gale Neville Jr., my thesis advisor and mentor back at the U of Florida Aerospace Engineering department. He defined an engineer as “someone who measures with a micrometer, marks with a piece of chalk, and cuts with an ax”.
Of course these two professors are really describing two different facets of engineering; efficiency improvement and design. Both are critical in software development.
So that’s why I’ve stayed away from the Roku box - up until now.
Now the Roku box looks like it’s gonna have Amazon streaming movies - as well.
On a related note - it’s also nice to hear that NetFlix is embedding itself into LG TV sets.
Both NetFlix and Amazon need to extend their reach and not lock themselves into one hardware device. Same with Roku - they can’t afford to rely upon only one or two content sources.
See how the distributed open web works?
As you're probably aware, IT Conversations, and other Conversations Network Channels, are made possible through the efforts of a small army of Web site editors and audio engineers.
We have a terrific team of people who help out and Doug's put together a great system for managing the workfow of producing shows Now, with a bit of attrition in the ranks of both our website editors and series producers and a new channel on the way, it's time to add to the team once again.
If you'd like to help us write descriptions for our programs, track down and crop photos and sync the occasional slideshow, here's your chance. The word "volunteer" isn't quite right since in fact Web editors are paid (thanks to donations from our paid members), but you're not going to get rich. You'll get a whopping US$15 for each description you write - US$25 if you also sync a presentation's slides to the audio.
You'll find details on TeamITC (as we call it for historical reasons) and our Apprenticeship Program on The Conversations Network web site.
Image by penguincakes via Flickr
James Hamilton has put together an analysis of the cost of bulk cold storage. That is, the cost of storing data, including the fully burdened cost of power in a data center, without the associated transport fees. The answer: $0.80/GB/year.
Wow--that's cheap. And of course it's getting cheaper. When James did a similar analysis using numbers from two years ago, the cost was $2.50/GB/year.
One thought I had as I looked at James' analysis is that we don't teach enough people to do these kinds of calculations. Not that there's anything particularly difficult about the math, but there are things to know and techniques to use.
I often say, quoting Pat Taylor, one of my professors in my undergraduates days in metallurgical engineering, that an engineer is some one who can do for a dollar what any fool could do for two. Of course, building performant, efficient code is part of this, but so is understanding the cost of bulk storage and other resources and using that in the trade-off.
Repressive regimes have always posed this question to the faces under their jack-boot clad feet:
If you are innocent, what do you have to fear?
Think about that for a moment and then consider this revelation in the UK Times Online:
THE Home Office has quietly adopted a new plan to allow police across Britain routinely to hack into people’s personal computers without a warrant.
The move, which follows a decision by the European Union’s council of ministers in Brussels, has angered civil liberties groups and opposition MPs. They described it as a sinister extension of the surveillance state which drives “a coach and horses” through privacy laws.
The hacking is known as “remote searching”. It allows police or MI5 officers who may be hundreds of miles away to examine covertly the hard drive of someone’s PC at his home, office or hotel room.
Material gathered in this way includes the content of all e-mails, web-browsing habits and instant messaging.
Under the Brussels edict, police across the EU have been given the green light to expand the implementation of a rarely used power involving warrantless intrusive surveillance of private property. The strategy will allow French, German and other EU forces to ask British officers to hack into someone’s UK computer and pass over any material gleaned.
This article focuses on the UK aspect, but it’s hard to see how it would be materially any different in any of EU member countries. That is to say those countries that have unwisely decided to subject their citizens the whims of unelected officials in Brussels.
The methods of “remote searching” sound rather like what the bad guys do:
Richard Clayton, a researcher at Cambridge University’s computer laboratory, said that remote searches had been possible since 1994, although they were very rare. An amendment to the Computer Misuse Act 1990 made hacking legal if it was authorised and carried out by the state.
He said the authorities could break into a suspect’s home or office and insert a “key-logging” device into an individual’s computer. This would collect and, if necessary, transmit details of all the suspect’s keystrokes. “It’s just like putting a secret camera in someone’s living room,” he said.
Police might also send an e-mail to a suspect’s computer. The message would include an attachment that contained a virus or “malware”. If the attachment was opened, the remote search facility would be covertly activated. Alternatively, police could park outside a suspect’s home and hack into his or her hard drive using the wireless network.
When the police start behaving the criminals, then you have a very serious problem.
This summer will make the 20th year (!) since I opened my first-note-book, on the question how & in what way do species & varieties differ from each other.— I am now preparing my work for publication, but I find the subject so very large, that though I have written many chapters, I do not suppose I shall go to press for two years.
Big News: there was an important election at the end of 2008. No, I'm not talking about the presidential election.
Talking about OpenID. “So a relying party walks in to a bar...”
Besides establishing strategic authorization management projects (see Felix´ blog for more on that), organizations tend to rid themselves of ancient UID/password schemes turning towards modern, flexible and – above all – user-friendly technologies. As the plethora of alternatives to chose from slowly became a “unübersichtlich” and a mine-field of non-interoperable point-solutions, Kuppinger Cole decided to provide insight and overview by analyzing and organizing methods, technologies and concepts into a easy-to-digest report, serving as a map to tokens and authentication technology as well as a guide what to include into a corporate authentication strategy.
The best way to tackle a subject as diverse as the authentication market is to provide a definition and classification that brings the components into order. While doing so, it quickly becomes obvious that authentication today is far more than just tokens and smartcards. Authentication has many facets, a few of which are:
Hardware:
Client-Software:
Centralized or server software:
This compilation is neither complete nor sufficient to establish an authentication strategy but merely serves as a short glimpse of the depth and breadth of the analysis for the report, currently under way. In addition to the above mentioned topics, the increasing importance of user centric identity management schemes requires the inclusion of OpenID and CardSpace as means for authentication primarily targeted at web(-applications). These will extend their importance with the further adoption of federation technologies and the increasing numbers of managed external IDs, be it in a b2b or b2c context. If information cards close the gap and are integrated with PKI technology, this will boost the importance even more.
PKI and the certificates managed therein are experiencing a renaissance as PKI is no longer a strategic project but integrated part of the infrastructure, enabling important systems like service-oriented architectures (SOA), Information Rights Management (IRM) and Data Leakage Prevention (DLP) to be operated efficiently and in a secure manner. By including PKI into the discussion, process management and support need to be included also. Especially token lifecycle management processes and the combined issuing & management of single-token solutions for physical/logical convergence are core topics to be addressed in comprehensive authentication strategies.
Overall, each authentication strategy shall allow for simple, flexible and as secure as possible means for reaching the goals set for user and machine authentication – a task not easily solved, if user- and administrator experience are to be improved and no technology overkill is expected. The upcoming report will provide insight and orientation to properly address the obviously divergent goals of an authentication strategy.
In a previous post (Disturbances in the cloud) I described that using services in the cloud (or more down to earth: on the Internet) introduces more risks then most users imagine. A new examples seems to be the (free) AOL Hometown service for site hosting. It was shut down on Oct. 31, 2008 leaving all users behind with no access to their own content. Some say they had a 4 week notice but the support forums seem to at least indicate not everyone got it. This was the only “official” notice of the imminent shutdown, a small blog entry.
More information can be found here.
So, how are you doing? Let’s take a common example: online mail services like Live Mail or Google Mail. How many of you have local backups they can access if those services ever shut down or change their terms of use?
I don’t write about politics on my blog that much but have spoken up about some of my travels in the world and what I have seen.
I thought with all the twitter blips going by about “the ground invasion in gaza beginning I wanted to share what I wrote about in the summer of 2006 my own personal visit to Gaza in the summer of 2000.
This is the last 1/2 of a post a post called “Security theater and the “real” threats - inhuman conditions“.
Speaking of ‘they’ - who are they? I just watched a film from Netflicks - Death in Gaza. It was of two documentary film makers one of whom died while shooting the film. I spent the summer of 2000 in Jerusalem for 10 weeks I lived and worked there and did what I call “NGO tourism”. I worked at one of the worlds foremost human rights organizations - BTselem the Israeli Information Center for Human Rights in the Occupied Territories and then also worked at the PCATI the Public Committee Against Torture in Israel (while there I got my education in what torture is going on and how it affects people - really awful).
My fellow international interns and I would spend our weekends traveling about going through the Westbank and up to Nazareth, and Haifa over to Televiv down to Hebron. [[you can read what I wrote about Hebron here]]
One time we got to go to Gaza for 2 days. One of the interviewers for B’Tselem was traveling there so the two of us got to go with him. We got hooked up with two guys who worked in an NGO in Gaza and went on a tour for a day… from one end to the other … inside the camps and everything. It was amazingly powerful. Just like in the movie I saw the little kids the ones who are 5 and 6 happily playing away not really knowing there life circumstances yet. Then the older boys would glare glints of anger in there eyes. They are 10-13 years old knowing what they don’t have. The get that it is not normal to have open sewers in the streets. It is not normal to have 10 people living in one room. It is not normal to be growing bunnies up stairs that you kill to have food or a donkey living in your living room. Why do they know this…there are satalite dishes…basically everyone has a TV and can see what life is like in Isreal, and America and the rest of the normal arab world. When you think about that maybe some of this makes a bit more sense. It is not normal to feel like going to school you could get killed (as they young girl in Death in Gaza talks about). It is not normal to have your school playmates killed by gunfire (like the little boys have happen to them in the movie). Or bulldozers coming to plow your house down in the middle of the night (like threatens to happen in the movie ) How can you feel peaceful in this kind of environment?I know after witnessing what I did that day I was shaken. I really felt my soul had been shaken up like my body was still and it was moving. It was eerily like the feeling I had after exiting the memorial museum at Hiroshima. The thing was…what I had witnessed that day was happening to real people ‘now’ not a historical event from 60 years ago. The depth of suffering is quite intense and the failure to connect with people as people and to really resolve the conflict continues to cause suffering. More bombs and planes and threats of nuclear weapons going off doesn’t make the situation better. It makes it worse. Send in armies of compassionate empathetic listeners. Make public peoples family stories and histories. Find some way through. There are some amazing stories of reconciliation that have happened in Israel/Palestine. They prove it is possible. I do have hope but not if everyone just sees an enemy instead of people, families and societies with real human and community needs.
I was sorting through my stuff over the weekend and found something from B’Tselem. They still send me the reports the write. It was a 11×17 fold over about the wall situation in Jerusalem. Just really disruptive to normal peoples lives. The whole of the Westbank is oriented around the trade flows through main cities. The most main one being East Jerusalem. The fact that they want to cut the Palestinians off from their main economic hub is just mean. People don’t like people who do mean things. Why is this so hard to understand!
It makes me very sad to hear there is a war happening. There has been a war on the Palestinian people for a long time.
Some elements that are not obvious to people is the depth of connection to land and history that is present along with the really bad living conditions.
* In the refugee camps villagers who fled their villages together - still live together 50 years later - they have a sense of identity as people of a place (a place that only the oldest people alive still remember) but that the young people feel they belong to too.
* The number of people and the conditions of living are very hard to imagine - they have the density of New York - but all in cement block houses that have tiny rooms 9×9. 1200 people a km.
* They don’t have electricity in the winter because the wiring is so ad-hoc that it is to dangerous to run in the winter.
* They don’t have sewage systems - other then the ones that run in the street.
* When the Israelis had a presence in Gaza they had their own roads - the good ones - that Palestinians could not drive on. (I was driving around with palestinians so we were on the “bad” roads).
* They have families of 10 living in one room houses.
* They have families that have a donkey’s living with them in their one room too.
These are extreme living conditions and the reason they voted for Hamas has to do with the fact that the islamic organization the religious arm of the political organization actually helps poor (as they are called to by their religious texts) impoverished people by feeding them. If you lived in these kinds of conditions wouldn’t you vote for the group that on the ground in practical reality actually helped you a bit.
There are some other interesting things to know about the Palestinian people… How do I know all this - yes I visited the territories but I wrote my senior thesis 40 pages on “The Lost Opportunity for Sustainable Development in Palestine” - 10 of them specifically about demography.
* They have HIGH levels of basic education Palestinians have the highest levels literacy in the arab world.
* They have a lot of higher educational institutions.
* They have the highest level of educational attainment of women in the arab world (normally educated women cut back on the number of children they have).
* Even though the women are relatively very educated - they are very committed to having children and lots of them
Women living in Palestine have a total fertility rate (TFR) of 5.6 children—significantly higher than women in other countries that have similar levels of education and access to health services. (Women in Gaza have 6.6 births, on average, while women in the West Bank (including East Jerusalem) have an average of 5.2 births.) they are clear they are fighting a long term demographic “race” with Israel. More palestinians means more votes and more bodies to resist the injustice they have suffered.
* They have a very young population (in 2005 - 18% was below the age of 5, 45% was below the age of 15) this means that is lots of young men of marriageable age and seeking work.
So you put all this together
1. a population that watches TV from around the world on satellite dishes,
2. that lives in abject poverty
3. That is highly educated and mostly in the arts (political science, economics, english, comparative literature etc…)
4. Young men without an economic opportunities compounded by the fact that without this they can’t marry and thus can’t have sex. THEY ARE FRUSTRATED.
They know - they see every day on TV what they don’t have. We live in a globalized world and it is not just about ‘us’ those in North America and Europe knowing about the rest of the world - the rest of the world has the same tools too. They see the gap - with their own eyes and it makes them angry.
I don’t want to be all down on this post. This went by on twitter a few days ago It is about a contributor/admin on WikiHow (the wiki for how too manuals) and it made me cry - it is why I love the internet and the power it has to connect people and give people meaningful ways to contribute and help one another.
Many of you know that the dedicated wikiHowian and new admin, VC, lives in Gaza. (Actually VC is only a new admin on the English wikiHow. He has been an admin on Arabic wikiHow for a while.) And everyone knows that there is currently a war in Gaza right now. Even before the recent fighting started, VC suffered from sporadic internet access caused by electrical outages. So I felt lucky to get this email reply when I asked how he was surviving the war:
Quote:
It is terrible indeed, however, it is kind people like yourself and other wikiHow editors that keep me going on, sane and to some extent even happy that I have friends who really care about me without even really ever seeing me. Thank you very much for asking and checking on me. I’m safe and sound and so is my family and my friends. The circumstances however are hard on the children, but with some tenderness, love and patience, they’ll get through it (or so I hope). The area where I live in Gaza is considered relatively safe as it is the center of the city.It is in rough and extremely hazardous situations like these that we usually need something to hold on to … to believe in. wikiHow and its community has been that and more to me. It was and still is what I turn to so as to find comfort and peace of mind. The wikiHow community members are so supportive and kind. When I set at the computer and start doing anything related to wikiHow, it is currently my only escape outlet where I can, for some sweet moments, forget about the war, the harsh circumstances and the suffering all around me. And when I see a message by one of the editors, whether discussing some wikiHow related matter or simply saying “hi, how are you”, it makes me feel … alive, not cutoff of the world outside … having what I call a “universal family” that cares and comforts me.
For all of that Jack, I’d like to thank you for founding this wonderful family, making it possible for me and many others to feel at home no matter what.
Nico Popp has his new year’s wishes for OpenID here. There are a lot of good suggestions, but there is one I would be beg to differ with:
Everyone agrees that OpenID needs to emerge as a brand that consumers can recognize.
Clearly Nico’s definition of “Everyone” is slightly different from mine. At the very minimum it doesn’t include me. But putting semantics aside Nico continues:
Similarly to Visa for payment, Dolby for music and Gore-Tex for rainwear, OpenID ought to become the “ingredient brand” for identity. The reason the OpenID brand needs to emerge is that we need a “network mark” that transcends all the identity silos. Very much like consumers know that their bank card will work when they see the Cirrus network logo on an ATM machine, consumers need to know that their identity will work on a Web site that carries the OpenID network logo. A network mark has a simple yet powerful meaning. It does not matter whether the card is from Bank of America, Wells Fargo or WAMU, it just works with this ATM machine. It does not matter whether the identity is from Google, Yahoo! or MySpace, it just works with this Web site.
In the OpenID brand lies the one big problem. Although a strong OpenID brand will prove to be good for everyone in the long run (by creating ubiquitous interoperability, Visa helped card issuing banks make more money than they would made on their own), at this time, none of the large consumer companies involved in the OpenID foundation have any incentive to promote another brand than their own. Therefore, the foundation needs to create a forcing function. My recommendation would be to leverage its ownership of the OpenID intellectual property to enforce the network mark. Let us keep OpenID free to all, but let us require everyone who uses the technology and benefit from the free IP to display the OpenID logo.
I don’t think this is a very promising strategy. Rather than OpenID being branded, I believe the important branding is the Identity providers that would enable OpenID. In other words the brand should be Yahoo, Google, and other big identity providers, not OpenID. In the same way the brand the Facebook users care about is Facebook, not Facebook Connect.
Trying to push the OpenID branding above the identity provider branding will inhibit OpenID adoption, not enhance it. You are then asking identity providers to do something not in thier own best interest.
The average user doesn’t care about OpenID. What they care about (if they care about such things at all) is that by using OpenID they can use the identity provider they already have a relationship with to explore new and interesting services that would automatically know who they are, without them having to register at every page.
The comparison to Visa is a bit off the mark. People care about Visa because it is an enabling service. OpenID is not. It is a means by which an identity provider becomes an enabling service.
Just my two cents.
This is Brent Jeffery. I met him tonight on MARTA's Orange-line train from Atlanta Hartsfield airport to Lindbergh Center, and I'm in awe of what he does.
To put it in perspective, I speak to audiences for a living. I've done it for a long time (more than 25 years), and I had a lot of training - 9 years of drama, speech and debate in Junior High School, High School, and College. I'm a good presenter. I study presentation experts like Garr Reynolds, and I watch the best of the best at places like TED to see how I can improve. I spend a lot of time making my presentation materials informative, entertaining, and attractive. But for an old throat injury which forces me to clear my throat a lot to keep my voice from breaking, my delivery is fluid and natural. My audience ratings are consistently high.
I couldn't do what Brent does, though - at least not without a lot of practice and preparation, and not without developing a kind of courage I don't need to have to do the presentations I've been doing up til now.
I do sometimes talk about sensitive subjects - privacy, for example - but I speak to audiences who sign up to come to my talks, who know what I'm going to be talking about, and who want to be there.
Brent talks about the Bible to complete strangers on public transit. His audience paid two bucks to go home, and a lot of them are tired and crabby after a hard day at work or a series of delayed flights. They're not expecting entertainment, and they're sure not looking for a sermon.
After the MARTA train's doors close at the start of the trip, Brent gets up and asks a car full of Atlanta's weary travellers if they can spare two minutes to hear about God.
A lot of them listen. I did. He promises that it will only take two minutes. It's an exaggeration; it's really more like ten minutes. But it seems like two, because Brent's a great presenter.
And he hands out a presentation. Nothing fancy; just a xeroxed page containing a four-paragraph sermon on one verse of the Bible. Today's verse was Proverbs 13:20 ("He that walketh with wise men shall be wise: but a companion of fools shall be destroyed.") Here's the handout:
When he gave it to me, he assured me it wouldn't bite. I guess a lot of people don't reach eagerly for the paper.
Like I said, it's nothing fancy. But Brent respects his materials; at the end of the talk he comes back around the car and asks you not to throw the paper away; you're free to keep it, but if you're not going to keep it, he'd appreciate having it back. Part of the concern is surely for saving money on printing, but I bet if you asked him he'd say that a paper which might bring someone an important message shouldn't be wasted in the trash.
Brent's an inspiration to me as a presenter, and he's reminded me of something important: the most important part of a truly outstanding presentation is a profound belief that the message you're trying to communicate really matters to your audience.
If you're reading this, Brent, thanks for the lesson. It was a pleasure to meet you.
![[info]](http://p-stat.livejournal.com/img/userinfo.gif){kind=small}
crucially travels just as much as I do). This of course only made my mail situation worse as I didn't have an easy forwarding address. So, I signed up for Earth Class Mail.
Nate walked me through their process from receiving mail and packages to taking all of the normal sized envelopes and running them through modified mail sorting machines. These machines are like those used by the USPS but also scan the front and apply a unique barcode to each piece of mail. This kicks off a job which sends out emails, like the one above, automatically letting everyone know that they have a new piece of mail. From there, mail is sorted into tubs and stored until more jobs come in to open and scan, ship, shred, or recycle a piece of mail.
I cooked a snack this afternoon, crab and sweetcorn soup, a classic dish which I always cook from the fantastic book “Chinese Cookery” by Ken Hom. As we ate it my older son, who is home from university for a few weeks, complained yet again that you can’t get the book anymore. So, I decided to have a look to see if I could find a secondhand copy. To my amazement it is in print again, as of a few days ago, and you can get it for about a tenner from Amazon!
Of all Ken Hom’s books this is my favourite - great food with simple recipes that actually work, and can be achieved without too many specialist ingredients or tools. My own copy is in three pieces it has been used so much.
I’m happy to announce that Foodle version 2.0 is live and kicking on https://foodle.feide.no.
Most significant changes include:
Only one button for creating new foodles.
I was thinking of calling this entry "Last Post", but that seemed needlessly downbeat.
Monday will be my last day on Sun's payroll, and I will be moving on to other things - initially setting up my own freelance consultancy, and then I'll see whether that leads back into full-time corporate employment, or whether the independent life is so fantastic that I stick with it.
It's going to be a challenging time, I'm sure, especially in the current economic climate, but I'm also sure that there will be plenty of new experiences, and interesting problems to solve.
Life at Sun since 2000 has never been dull, and the last 4 years in particular have been among the most enjoyable of my working life. I was re-visiting my LinkedIn profile the other day, and read what I had written there in the Summary:
"My goals are to increase the influence I am able to apply at CxO and Policy-maker level, and to achieve the perfect work/life balance"
Well, I suspect that becoming self-employed is about to do all kinds of interesting things to my work-life balance, but I have definitely made progress towards the other goal. That sank in when I was looking through some of the snapshots on my phone; over the last couple of years I have attended presentations from the Prime Ministers of Portugal and France, met the Government CIOs of the UK and Austria, dealt with ministers and senior civil servants from Finland, Germany, Norway, UK, US and the European Commission, worked with the OECD, and given lectures at universities in Washington DC, London and Sapporo.
It's been great fun, and has given me the opportunity to travel to interesting places and work with wonderful people. I can honestly say that the novelty, excitement and sheer sense of privilege have never worn thin. Here's hoping it has equipped me well for whatever comes next.
As for this blog - well, some time next week I will stop being able to add new posts, though the existing ones will remain. Thank you to everyone who has read, commented and got in touch; there are people who I have met in person because we met first via the blog, and every one of them has been a gem. There are others who I haven't met yet, but hope to when we get the chance.
This will be post no. 1021 on the blog, which averages out at very roughly one per working day since my first blogging steps back in March 2005. That would be a hard habit to kick, so you may be either relieved or exasperated to hear that I don't intend to stop...
If you want to follow the racingsnake, you can do so at my Future Identity blog, here. I hope to see you there!
This book will teach you how to cope with the world of password policies, password crackers, and human predictability. It teaches specific password patterns that will meet even the most unyielding security policy requirements but that users will remember in a snap. If you deal with passwords, you need this book.
2009 promise to be a pivotal year for OpenID. So far, industry adoption has been strong with consumer powerhouses such as Google, Yahoo!, Microsoft and MySpace backing up the technology. At the same time, consumer adoption remains limited to early adopters. Meanwhile, FaceBook, the identity provider of choice for 160M consumers is promoting its own alternative in the form of Friends Connect, creating the risk of balkanization. With a new year beginning, a recently augmented leadership, and high competitive stakes, the moment felt opportune to put together my 2009 wish list for OpenID.
Execution: The Separation of Concerns
My first wish is organizational. The OpenID foundation board host really bright and passionate people. Folks are committed to the success of OpenID. Across the board, there is also a strong willingness to do what is right. Nevertheless, execution on key priorities appears to remain sluggish at times. Perhaps, the foundation needs a more effective way to drive execution. There, it could borrow a page from what larger corporations do extremely well. They separate governance from execution. The OpenID board is governance. It needs to articulate priorities, but create focused committees around these priorities. Then, it needs to empower the best elements in the board and the community to drive the outcome. Sounds obvious, but by enforcing that separation of concern and empowering people to work in parallel, I think the OpenID foundation could gain tremendously effectiveness in 2009.
Identifier: Email Address as OpenID, at Last!
In the last two years, I have been regularly in a position to explain and pitch OpenID to Financial Institutions, Mobile Network Operators and MSOs. By experience, I have learned that OpenID detractors and alternate technology providers will always bring two detrimental arguments against OpenID: user experience and security. The usability argument can be summarized as follows: "How much marketing dollars do you plan on spending to teach consumers to type a URL instead of a user name?". The answer is simple and usually reminiscent of Omer Simpson's catch phrase. So, in 2009, let us do ourselves a favor. Let us remove the leading argument against OpenID. Let us make email addresses first class OpenID identifiers. It is not about alienating URLs as identifiers, it is about enabling email addresses alongside URLs, because millions of consumers already regard email as their primary online identity and an email address is already their user name across so many sites.
Security: OpenID Security Analysis and Best Practices
The second argument that OpenID detractors will always bring up is security. In fact, there is a lot of confusion around the security of OpenID as a protocol and its propensity to phishing as a user experience. There again, detractors and naysayers are having a ball. What we need there is a neutral third party study that explains why OpenID is a sound protocol, and describes the best security practices to deploy the technology. None of the companies involved in the foundation should be responsible for such study. Instead, the board should sponsor an independent and reputable third party security lab to lead the security review. Once it is complete, the foundation should publish the results of the security analysis, alongside the recommended deployment best practices.
Branding: Establishing the "OpenID Network Mark"
Everyone agrees that OpenID needs to emerge as a brand that consumers can recognize. Similarly to Visa for payment, Dolby for music and Gore-Tex for rainwear, OpenID ought to become the "ingredient brand" for identity. The reason the OpenID brand needs to emerge is that we need a "network mark" that transcends all the identity silos. Very much like consumers know that their bank card will work when they see the Cirrus network logo on an ATM machine, consumers need to know that their identity will work on a Web site that carries the OpenID network logo. A network mark has a simple yet powerful meaning. It does not matter whether the card is from Bank of America, Wells Fargo or WAMU, it just works with this ATM machine. It does not matter whether the identity is from Google, Yahoo! or MySpace, it just works with this Web site.
In the OpenID brand lies the one big problem. Although a strong OpenID brand will prove to be good for everyone in the long run (by creating ubiquitous interoperability, Visa helped card issuing banks make more money than they would made on their own), at this time, none of the large consumer companies involved in the OpenID foundation have any incentive to promote another brand than their own. Therefore, the foundation needs to create a forcing function. My recommendation would be to leverage its ownership of the OpenID intellectual property to enforce the network mark. Let us keep OpenID free to all, but let us require everyone who uses the technology and benefit from the free IP to display the OpenID logo.
Avoiding the balkanization of identity to achieve the broadest possible user-centric federation network is what is at stakes in 2009. Undeniably, this is the year when OpenID can get from good to great. The OpenID network will rise or OpenID will become another commodity protocol encapsulated in the stacks of more fragmented identity networks (such as Google Open Connect or FaceBook Connect). It is up to us the OpenID community to make things right by seizing the opportunity. As we say in the valley, it is all about mere and simple execution. Yes, indeed, this coming year ought to be a critical and exciting year for Internet identity and OpenID.
This post was on slashdot today
Protection From Online Eviction?
from the our-data-our-selves dept.
AOL has been shutting down its free Web services, in some cases with little or no notice to users, and they are not the only ones. This blog post on the coming “datapocalypse” makes the case that those who host Web content should be required to provide notice and access to data for a year, and be held strictly accountable the way landlords are before they can evict a tenant. Some commenters on the post argue that you get what you pay for with free Web services, and that users should be backing up their data anyway. What do you think, should there be required notice and access before online hosts take user data offline for good?
Here are some interesting comments from it.
http://tech.slashdot.org/comments.pl?sid=1079453&cid=26315101
I am not going to do a “top ten list” - not really my style. I tend to take things as they are and appreciate the amazing, wonderful, mysterious, sensuous, intellectually stimulating but don’t “compare” in a sort of ordered list way. So just so there is clarity on the number of things I mention I will “number” them but this is NOT a top ten list - I wrote this post as a reflection without thought to order.
This morning while swimming I got to reflecting about the year in identity and it did seem appropriate to share some of them.
(un1) Bob’s Relationship paper (that I hope Burton Group will release into the world) was put forward in draft form at IIW#7 (2008a) and the Data Sharing Summit in May. It framed the problem of identity and articulated some missing pieces to the puzzle we are solving - supporting an identity layer emerge. He high lighted the fact that identity happens in the context of relationship and finding ways to document the terms and conditions in a relationship - making the relationship itself its own node and not just a line in a social graph. Since the paper is mostly been available to enterprise clients of the Burton Group and some folks in the identity community this missing piece - the node of relationship itself has not been taken up. I am hopeful it will emerge. I think some of what the Higgins project is proposing as an R-Card - a place to co-manage relationship data between two parties in a transaction could for fill this.
Update: I spoke with Bob since this post and Burton will be releasing this paper in Q1.
(un2) Facebook’s emergence as the dominant social networking service and this being the anti-pattern that the communities that I have been participating in for 6 years now had articulated was a danger that needed to be addressed preemptively with open standards that worked between silo’s.
(un3) Related to this - I am remember that summer at the invitational gathering at Hollyhock (a retreat center in Canada I love and I became the accidental poster child for) I got to meet with colleagues who lead workshops there some of whom I have known for years. They knew I was into the web and social things there - “digital identity” but this year they “got” more of what I was talking about. The reason was because of issues they themselves had - one had pictures and e-mails and other things the community had put forward around someone’s life threatening illness. They found they couldn’t get the data out. … it wasn’t there. People informally in conversations I overheard were kinda freeked out by the service (you need to remember that in Canada Facebook has incredibly high penetration into the lives of “normal” folks about 40% of all Canadians are on it - so more normal folks then in the US).
So back to the open standards working between sites - putting at least doors between walled gardens - it seems that finding the agreement and finding adoption of such open standards is difficult - or perhaps more to the point it is not a “high business priority” - it is easy to have a big network just grow and become the default. I think the efforts of the open stack community are noble and I hope they succeed. I also think they need to address some of the things that facebook messes up. These include mushing all my worlds together- (water polo from when I was in highschool, kindergarten class at school, water polo from college, water polo from the national team, highschool, elementary school 1, elementary school too, my process facilitator community, the identity community, the all the worlds I am in they are all FLAT - my social reality isn’t flat. People and the topics I am interested in at any one time come closer and go out father. I have divers interests and everyone I know is not interested in everything I do. I know this. I am not trying to “hide” anything or “be secret” I just want to respect the attention of my friends. I hope this nuanced social understanding can be grasped by someone building these tools. It is not that complex.
It may be that this kind of nuance will show up in smart clients. I am hopeful that this year there will be at least one for twitter. (I want to have two kinds of twitter friends - the ones that I read ALL their tweets (scrolling back to see what happened when I was not online) and those that i will watch passively when I happen to be online too.
(un4) TWITTER really broke on to the scene this year. I started tweeting because of Phil Windley’s comment about how it got him connected to his remote team - as a water cooler replacement - to know what they were up to in daily life (I had had an account for about a year before but hadn’t gotten into it). I was also at a talking heads forum on collaboration for a day in January and several friends were there who were tweeters so I did the laborious work of finding people to follow (back then there was no people search - you sort of found people by who you saw following people you knew).
I have several more thoughts about big things of the year. I will continue to write in the next few days. I am going to get back into blogging. These last 8 months since IIW#7 2008a I have had some rather significant personal life background noise. It is why I haven’t been writing or getting out much. So one of my resolutions for the year is to blog more.
This is part 2 and continues from part 1. I will re post this caveat again.
I am not going to do a “top ten list” - not really my style. I tend to take things as they are and appreciate the amazing, wonderful, mysterious, sensuous, intellectually stimulating but don’t “compare” in a sort of ordered list way. So just so there is clarity on the number of things I mention I will “number” them but this is NOT a top ten list - I wrote this post as a reflection without thought to order.
(un5) The emergence of Portable Contacts was a great development out of the Data Sharing Events that I put on with Laurie. The conversation between Joseph and the MSFT guys (Indu and Angus) lead to this - sort of a practical low hanging fruit thing to do - rather then solve everything - just how to get the list of contacts I have in one place out and importable to another. Joseph’s community leadership has really impressed me to. He is all about getting things done and finding the needed elements to make things happen.
(un6) I have enjoyed watching Marc draw on his fence - yes he does this literally - and talk about his vision of the social web evolving. He “published” a book containing some of what he has been talking about. You can describe Marc as many things but I for one respect him as a visionary - ahead of his time in seeing where things will be going on the web and what will be needed. (You can see his predictions for 2009 here) Just as an example of something he said that really struck me as original and important to think about looking ahead - he talked about how groups need to live autonomously - outside any one platform or silo - and that we need a language of social verbs that are open and standard across them. Maybe some more people will “get” what Marc has been saying in this regard and some open standards can evolve to address this.
(un7) In a year end review it would be a mistake to not name the IDTBD conversation that happened this summer. You can read the whole thread of the e-mail conversation in the google group - it is public. There were in the end two different ways to look at how to organize (and I think they can complementary) one put organizational form and structure first and the other put relationship and community first and said that needed form and structure could emerge from that. In the middle of the conversation we were referred to Clay Shirky’s work - both this video about LOVE in technical communities and how it is very long lasting and sustaining and his book - the power of organizing without organization. (He also has another talk about Coordination Costs that is informative). Identity Commons is an organization being held together with many of the new super low cost tools that mean organizational overhead that was needed to organize people as organized as we are isn’t needed like it was 5-10 years ago. Having said this there is much to be improved and in the survey we sent out after IIW we asked about IC and the community wanted us to focus on supporting/providing better communication between groups and also increased PR/outside world awareness of the collaborative work happening in the community.
(un8) The OpenID Foundation part of the Identity Commons community held its first elections for the community seats on the board.
(un9) Information Card Foundation launched and is part of the community of Identity Commons. I have been quite impressed with the energy and evangelism of Charles Andres. (they too are using a low organizational overhead model for getting things done). I actually got a the Azigo card selector working on my Mac and downloaded a “managed” card from an early behind the scenes trial of CivicID. I also failed at getting an “I’m over 18 card from Equifax” - Actually the experience of their knowledge based authentication made me think my identity has been “stolen” it asked me about a bunch of loans I haven’t taken out. So now I have a bunch of personal identity detective work to do this year (I will be blogging about those adventures).
(un10) Parity Communications shipped some pretty amazing stuff and it has been a long time coming*. They are behind the Equifax I’m over 18 card issuing site using their service called Card Press for issuing information cards. (as an aside I “get the whole stock photo with people holding their hands in a card shape - but why the girl with no top on?)
* Some background I first talked to Paul Trevithic and Mary Ruddy in the winter of 2004 while working for Identity Commons I knew I had to go out and meet them - to learn what they were up to and hopefully link/sync it with what Owen, Andrew & Drummond&Co. were up to around user-centric identity. They were into Social physics along with John Clippinger and both Paul and John were at the 2004 Planetwork Conference.
Over all it was an amazing year and it seems that the coming year will continue to have this field evolve.
I am working hard on pulling together two events before the next IIW (May 18-20 - put it on your calendars). One is specifically focused on “What are the Business Models” we should have an announcement about that next week but the dates will be the last week of Feb.
The other is focused on the intersection of identity technologies and the legal realm - I am meeting face to face with Lucy Lynch from ISOC in Eugene this week to work on details for that.
The Identity Futures group continues to percolate along and is working on developing a proposal to do some scenario visioning/planning.
I am hoping to spend some more time thinking about and talking to women to understand more about their needs and practices around identity online. Just in the last week while organizing She’s Geeky (the women’s only tech conference happening at the end of January) two women have mentioned they have had online stalker experiences recently. Several also have very particular ways of presenting themselves one example is a woman who professionally they use their first initial and last name - when they submit resume’s etc and in their general life online/socially they use their First name and last initial - to ensure that they are not findable at least by an employer initially doesn’t know their full name and thus their gender.
Image via Wikipedia
If you do Web design, and who doesn't these days, then you might be interested in seeing how your site operates in multiple browsers. You could, of course, create a virtual machine for each version of Internet Explorer that you want to test against. But there's a better way.
There is a repository of standalone IE versions all the way back to 3.0. Tredsoft has an installer that will install any or all of these in one convenient package. A few minutes after starting the download, I had IE6 up and running in all it's, ahem, glory. IE7 runs right along side without a hiccup.
There is an interesting military acronym, MOAB. This stands for the GBU43/B Massive Ordinance Air-Blast bomb, or it is more frequently known, the Mother Of All Bombs. In terms of privacy, I like to think of government sponsored massive databases as the Mother Of All dataBases (MOAdB). Their destructive power against personal privacy is quite massive.
The UK is not only contemplating a MOAdB of communications data, it may be putting it in private hands:
A contentious proposal to create a massive database of communications metadata in the United Kingdom has just become even more controversial. According to reports in the British press, a “consultation paper” laying out the plan, slated for release in January, contemplates outsourcing the maintenance of the database to private-sector firms. The proposal has already come under fire from civil liberties groups, the European human rights commissioner, and former public officials.
Initially included in Britain’s Communications Data Bill as part of a sweeping Interception Modernisation Programme, the surveillance proposal was dropped from the legislation in September, but it was not abandoned. The database is projected to cost some £12 billion ($17.5 billion US), and would contain metadata about every phone call placed, every e-mail or text message sent, and every Web site visited in the UK, reports say. Such “metadata” would include routing information, such as the sender and recipient of an e-mail, as well as times and dates.
How can you create a simpleSAMLphp theme that customize the UI. This document gives you a short overview.
I’ve started to convert all simpleSAMLphp documentation from the great docbook format, to the cute and really simple Markdown syntax.
I’ve also setup automatically connection from Feide RnD to the simpleSAMLphp subversion respository, which means that as soon as a document is updated in the simplesamlphp repository it will be reflected on Feide RnD. (I also have support for keeping track of multiple versions of the same doc).
The reason why I switch to Markdown is because it is dead simple. I want it to be simpler to contribute and update simpleSAMLphp documentation, and now it will be. Another feature of Markdown is that it is great to read in plaintext, and possible to convert to HTML “on the fly”.
This document is the official documentation on the simpleSAMLphp InfoCard module.
Last year I posted this comparing different types of screws. Paul Madsen chimed in expressing his geographical preference for the Robertson (square drive) screw. While I could pontificate at length about the inherent advantages of a hexagonal drive technology used in Allen head screws versus the equilateral rectilinear drive technology used in Robertson screws, it would be counter-productive. Clearly the industry is hopelessly fractured by multiple redundant screw standards. This is not only inhibiting the transition from Screw 1.0 technologies (such as Phillips) to Screw 2.0 technologies (such as Robertson and Allen), it is also preventing the development of Screw 3.0 (also known as the Semantic Screw).
Well we all know what is needed in a case like this, a new standard to integrate the different Screw technologies. Thus I am drafting a proposal to the Proposing Organization for New Devices (POND) a new Tool Committee (TC) to study this. The new standard will be named the Work Shop Screw Interoperability Technology (WS-ScrewIT). I humbly submit Paul and myself as Co-chairs.
I know you should never jump to the solution before the requirements are well known, but I couldn’t help working on this. I even have a prototype of the technology. It looks something like this:
Thanks for following my blog in 2008. Hope you will follow also in 2009, I’ve tons of ideas that I have not yet written about, and things that I would like to do (within the identity area), so stay tuned…
Taking a look back at 2008, I created a list of all articles written throughout the year, enjoy:
That's the approximate ratio of Palestinians to Israelis killed so far in the current violence between Gaza and Israel, according to this BBC article.
How can it have come to this? It is now over 6 years since the "Quartet" (US, EU, Russia and UN) published its first draft roadmap aimed at ending the Israel-Palestine conflict. It included objectives such as a focus on reciprocal steps towards peaceful co-existence; political, economic, humanitarian and institutional reconstruction over a three-year (!) period; Israel's withdrawal from territory it has occupied since 2000, and the establishment of provisional borders of a Palestinian state; an end to Israeli settlement in occupied territory; re-afirmation of the positions set out in UN resolutions 242, 338 and 1397; full, safe and unfettered access to Gaza and the WestBank for international and humanitarian personnel, and so on, and so on. In those respects, a cold-eyed assessment would have to conclude that the Quartet has mad
