Older blog entries for dmarti (starting at number 509)

Point of order: web site login

This started out as a comment over at the Doc Searls Weblog but IMHO it's worth repeating and expanding. Because someone actually made a working solution to a large-scale problem.

Mozilla Persona is full of win.

Especially compared to “social login.”

Mozilla Persona is not just "log in with [big web company]" with a better logo. It's different, and way, way, better. If you're still complaining about the web login problem, you probably just don't understand Mozilla Persona well enough.


The BrowserID protocol never leaks tracking information back to the Identity Provider.

So you can use your @example.com email addres to log in to whatever sites you like, and example.com never knows which ones.

If your site login method is based on “let’s make users remember complex strings of text, which we know people are really bad at” or “let’s depend on having our users tracked by big companies, which we know people hate” you need to take a short hacking break. Make a simple web application that uses Mozilla Persona, learn how excellent it is, and then never go back.

Bonus link: OAuth of Fealty by Ian Bogost. The short truth is this: Facebook doesn't care if developers can use the platform easily or at all.

And Mozilla would never do anything like that, right? (Seriously. Please don't. Mozilla Persona fanboy here—if you mess it up I'll look like the web authentication version of Zune Tattoo Guy.)

Syndicated 2013-08-03 12:52:27 from Don Marti

Learning from Second Amendment defenders

The IT industry in the USA depends on the First Amendment and Fourth Amendment just as much as the firearms and ammunition industry here depends on the Second. Today, though, Second Amendment rights in the USA are in much better shape than First or Fourth Amendment rights, and the collapse of the First and Fourth is now a high-profile problem for the nation's IT business. We're failing dangerously where so-called Gun Nuts have been succeeding for decades. What are Second Amendment-based companies getting right that First and Fourth Amendment-based companies are getting so terribly wrong?

When a First/Fourth-hostile regime comes into effect, companies have to comply, just as firearms manufacturers have to comply with Second-violating laws when those pass. But every industry in the USA basically writes the laws that apply to it. Petroleum products cannot be hazardous waste, by definition. The Pillsbury Doughboy collects a government paycheck. You don't need me to go on here. Lobbyists tell Congress, "If you could pass this set of laws to cover our industry, that would be super helpful, mmmkay?" and Congress says, Yes sir.

So why have we as an industry failed on First and Fourth Amendment protections? Because we're not doing some basic political tasks that the Second Amendment crew is doing right.

Model 1911
semiautomatic pistol, partly disassembled.

Fan-friendly vintage products Firearms sellers understand and use the endowment effect. For example, users are happily keeping and using M1911 pistols, based on a century-old design by John Browning. And even buying newly manufactured ones. When Grandpa goes to the store for a vintage product like he's used to, he can get one, not a forced upgrade to flat design.

Should IT companies devote valuable staff to maintaining vintage versions? Not necessarily. The largest producer of M1911 pistols is a company called Kimber, founded more than 50 years after Browning's death. It's hard to imagine a IT company throwing an old product over the wall instead of killing it. The conventional wisdom is to do everything possible to prevent competition with old versions. But now that the market is mature, we can reconsider that. Keep the fangirls and fanboys happy, and they'll be writing letters to Congress instead of THIS NEW VERSION SUX0RZ!!1! rants.

Stick together on the basics Ever see a revolver manufacturer come out for a ban on semiautomatics? Or a manufacturer of long-barrelled firearms come out for a ban on short-barrelled ones? Manufacturers treat policy debates as off limits when seeking competitive advantages. One exception, the case of a CEO who wrote one letter to Congress supporting a magazine capacity limit in 1989, was controversial at the time and provokes boycott discussions even today. The Second Amendment scene understands divide et impera pretty well by now. Meanwhile, IT vendors will throw each other, or users, under the bus for a short-term advantage over some other vendor. And incumbent vendors cheerfully support laws that lock out new startups.

The results of that quarter-to-quarter thinking are coming home to roost. Pursuit of lock-in can be great for sales, short-term, but locked-in users can't switch vendors as fast, which makes every vendor's OODA loop unnecessarily slow. Thanks to the decision to pursue lock-in, we've gone from innovation to stagnation and squabbling, and just making everyone rebuild their stuff over and over for different platforms. Meanwhile, the firearms business is letting users swap in independently developed parts while keeping their platform investments. It's news when an IT person makes noise about We do not break userspace! but mature markets take that for granted. <pullquote>The IT industry isn't a baby any more. So it's time to stop raising it on the steroids of forced upgrades and the crack of lock-in, and move it up to the whole-wheat goodness of sustained customer value.</pullquote> Worst pull quote ever. You're basically saying that you'd give steroids and crack to a baby. Also, gluten moms. —Ed.

Product-membership bundling The Second Amendment industries have the NRA, and we've got the EFF. Even accounting for the fact that the NRA is a century older, the EFF is relatively small compared to the user population it serves.

A key part of the NRA's success is vendor cooperation on membership drives. Just one example: REDRING Offers 5-Year NRA Membership & Redring Shotgun Sight Package at 2013 NRA Show.
I have also seen an NRA membership deal at a company that offers ammunition reloading supplies. Powder, add to cart, primers, add to cart, a year of NRA membership, add to cart. Simple.

IT vendors could easily add EFF membership to product and service bundles. Yes, the EFF does call out some vendors on problematic programs, but see stick together on the basics above. As the industry grows up, we'll be putting less and less importance on infighting, and more on staying in business for the long term.

Conclusion With the Second Amendment safe for the foreseeable future, and firearms vendors sitting on more orders than they can fill, (thanks largely to NRA publicity—that product-membership bundling was worth it, wasn't it?) a lot of Marketing and Public Policy people there are probably getting a little bored. Time for the IT business to hire some.

(photo: Jan Hrdonka for Wikimedia Commons.)

Syndicated 2013-07-20 15:06:23 from Don Marti

Deluxe file sync setup for $300

Here's an opportunity you don't see every day. Send Joey Hess $300 and he'll work with you to set up the best possible git-annex system to meet your needs. Git-annex is software to sync your files to multiple devices, including computers and phones, along with keeping your stuff up to date on your backup drives and cloud services.

Git-annex gives you a lot of options. Just as Dropbox isn't tied to one platform, git-annex isn't tied to one platform or to one service. You can sync your files to dropbox.com or to a long list of other services. Or use your own server, or use external hard drives. Here's an opportunity to get help figuring out how to make it work for your own projects.

(previously: The most important $11,123 in the software business?)

Syndicated 2013-07-15 11:40:23 from Don Marti

QoTD: Avdi Grimm

No, [Linux] doesn’t have an official reference platform, not even whatever PC Linus happens to be using these days. But for developer workstations, there’s a de-facto reference platform, and it’s called a ThinkPad. If you’ve been using Linux for any length of time you know that if you want a linux desktop machine to Just Work, you buy a ThinkPad. There is a self-reinforcing cycle that perpetuates this phenomenon. Linux developers tend to use ThinkPads, so they tend to make sure that the hardware is well supported, so Linux developers tend to buy more ThinkPads, and so on. I don’t know where it started, but that’s how it works.

Avdi Grimm

Syndicated 2013-07-10 13:48:58 from Don Marti

QoTD: Ron Paul

My understanding is that espionage means giving secret or classified information to the enemy. Since Snowden shared information with the American people, his indictment for espionage could reveal (or confirm) that the US Government views you and me as the enemy.

—Dr. Ron Paul

Syndicated 2013-06-29 15:36:37 from Don Marti

Believing Bullshit

Why do people believe bullshit? The problem of producing it is covered in Harry G. Frankfurt's On Bullshit, but why believe it?

It looks as if believing an organization's bullshit is an inexpensive way to signal loyalty to the organization. Signaling through contribution requires skill×effort. Believing bullshit requires little effort and there's no multiplier for skill.

Although signaling loyalty through bullshit-belief can be a good strategy for a member, there are clearly adverse consequences for the organization. The organization fails to capture extra, potentially useful, work done as a by-product of loyalty signaling through contribution. Ineffective managers within the organization can manage based on loyalty as shown through bullshit-belief rather than having to evaluate results. And members make incorrect decisions based on bullshit, not reality.

The obvious answer is for the organization to produce less bullshit. Most of the time, the decision to believe something isn't based on what belief is correct, but on what belief shows loyalty. If the bullshit isn't there, the opportunity to believe it is gone. However, much as it would help to have fewer opportunities for members to signal loyalty by bullshit-belief, the organization may need to continue to produce bullshit for other reasons.

A more realistic answer is to give members opportunities for showing loyalty that do not require either effort, which is costly, or bullshit-belief, which is harmful. For example, provide silly-looking clothing for members—anything that people would choose to wear only to show loyalty, and not for other reasons. Or invite members to participate in rituals, as in agile software development methodologies.

(Bonus link: Michael O. Church on the MacLeod Model of organizational sociology.)

Syndicated 2013-06-27 13:32:53 from Don Marti

Advertising and privacy link dump

First of all, go read Bob Hoffman, Ad Contrarian. Samples: Blogger Math Takes On Facebook Where Are The Brands? The Cheats vs The Morons Coca-Cola: Fizzy Goes Fuzzy Online Advertisers Getting Hosed Time To Clean Out The Stables

More links on advertising and privacy...

Mathew Ingram: Guardian kills its Facebook social reader, regains control over its content

TechCrunch's teachable moment: media sites must own the conversation | Dan Gillmor

Bizarre Upper East Side marketing orgy: Small Ads

Terry Heaton's PoMo Blog: TV numbers add up (to a BIG problem) Ads on TV crossed the line of viewer disrespect a long time ago.

George Simpson: I have spent the better part of the last 15 years defending cookie-setting and tracking to help improve advertising. But it is really hard when the prosecution presents the evidence, and it has ad industry fingerprints all over it -- every time. in Suicide By Cookies (via Doc Searls Weblog and Mozilla Privacy Blog)

Joshua Koran: The Real Costs of Cookie-Blocking. This inadvertently centralizes consumer activity to just a few players, which according to privacy advocates would help lead to the very "Big Brother" centralized database of consumer activity that they are trying to prevent.

Measuring Brand Lift With Google Consumer Surveys

How Affiliate Adware Affects Your Revenue

Google Takes the Dark Path, Censors AdBlock Plus on Android (via Anil Dash)

Login should be personal and minimal first, social later. Users don't like social login

Ben Adida: Firefox is the unlocked browser. (Let's hope they get the user agent string fixed, though.)

Why we should all worry about being tracked online | James Ball

Jeff John Roberts: Massive bot network is draining $6 million a month from online ad industry, says report

Jeffrey F. Rayport: Advertising and the Internet of Things.

Daniel Lawton at Knife Depot: How Google Sliced Away Our Knife Ads

Curt Woodward: Newspaper Paywalls: Here's Why They’re Really Doing It.

Rebecca Waber: When Ads Get (Too) Personal. As media — and the advertising seen on it — become more focused on smaller groups of individuals, we see less of the same advertising content as other people do. And that's a potential blow to advertisers for several important reasons:....

The Security Skeptic: Ad Industry Attacks Against Mozilla Reveal Poor Choice of Campaign Role Models. But rather than mounting a campaign that attacks Mozilla directly, IAB/ANA strategy is focused on scaring users by threatening more advertisements.

Richard Stacy: Why social media is a dangerous concept. Social media only really works on the basis of speaking to small groups of people or individuals. It hardly ever gives you the scale or reach we assume is associated with the term media.

Eric Picard: How targeted advertising can be saved. At some point, the browsers are going to unilaterally put an end to this debate about online privacy and advertising tracking. More: Our industry's unethical, indefensible behavior. People are claiming that if we stop the targeting, all the value in this industry will bottom out—that another bubble will burst, and advertising Armageddon will follow. I disagree. I believe a huge amount of value can be generated without marginally ethical behavior. Also: Why consumers think online marketing is creepy and The real reason consumers are creeped out by online ads.

Alan Schulman: Algorithms Don't Feel, People Do. This balance between medium and message has largely been lost, as we seem more seduced by the algorithms — the containers and software solutions for delivering messages to devices — than the evolution or effectiveness of them.

Dax Hamman: Why retargeting is fundamentally broken. Do we not recognize that all that advertising we see in magazines, on TV or hear on the radio is influencing our decisions? And yet under the digital model of last touch, all of that value and influence is simply ignored.

Facebook Knew I Was Gay Before My Family Did

Jack Neff: Nielsen Now Tracks (Almost) Everything You Buy

Why data leakage is hurting our industry

3 things about the privacy debate that don't matter

How a banner ad for H&R; Block appeared on apple.com—without Apple’s OK | Ars Technica

Dan Gillmor says journalists are uninformed about who controls the platforms they publish on

Ken Dreifach: The New NAI Draft Code: What Ad Networks, Platforms and Exchanges Need to Know. The Draft Code “prohibit[s] member companies from using [locally stored objects] for online advertising activities.

Steve Smith: Is 'Do Not Track' And Opt-Out Already Impacting Audience Value And Pricing? The report contends that this increase in the share of users either without cookies or without third-party data is likely a result of enhanced public awareness of do-not-track and opt-out mechanisms. As browsers like Mozilla’s Firefox and Microsoft’s Internet Explorer make the do-not-track flag or cookie blocking the default modes,this share is likely to rise.

Tom Hespos contemplates a future without third-party cookies: Could digital survive losing the cookie? Power would begin to shift back toward single sites with large traffic volume. In the absence of third-party cookies, after all, marketers would have to rely solely on data captured by individual sites in order to target ads in any compelling way. More: Why advertisers need to lose some pricing control

Peter Swire: Open Letters To... | How to Prevent the ‘Do Not Track’ Arms Race (via HubSpot's Inbound Marketing Blog). (Really? Adtech firms are going to replace cookies with "even more sophisticated tracking methods"? All that would do is bring smug cookie-blocking users who are now bored with the whole thing back in for another round.)

John Battelle on the return (or did it ever go away?) of click fraud: We’ve Seen This Movie Before…On Traffic of Good Intent. More: When It’s This Easy To Take Someone’s Money…. Also, Publishers, Ad-Tech Firms, Marketers Need to Connect, Build Trust. (Let me get this straight. 1. Adtech system teeming with fraud. 2. ??? 3. Participants in this system should begin trusting one another.)

The Cookie Has Five Years Left Says Merkle's Paul Cimino (via HubSpot's Inbound Marketing Blog)

Mozilla Blog: Mozilla’s new Do Not Track dashboard: Firefox users continue to seek out and enable DNT

David Kaplan: Casale Finds Browsers' 'Do Not Track' Reduced Cookie Values

Alexis C. Madrigal: If It Wasn't the Pregnancy Tests, Why Did Baby Catalogs Start Arriving at Our House?

Mary Hodder and Elizabeth Churchill: Lying and Hiding in the Name of Privacy. A large percentage of individuals employ artful dodges to avoid giving out requested personal information online when they believe at least some of that information is not required. These dodges include hiding personal details, intentionally submitting incorrect data, clicking away from sites or refusing to install phone applications. This suggests most people do not want to reveal more than they have to when all they want is to download apps, watch videos, shop or participate in social networking.

Dan Hon: 2p – The tyranny of digital advertising. Ultimately, digital display advertising is boring and suffers from a glut of oversupply. This is why we have a pseudo holy war going on between the display advertising folk and the native advertising folk: because people ignore interruptive display advertising and pay attention to interesting content.

Steve Sullivan: Prepare to Board the Viewability Train with IAB SafeFrame

Mozilla Blog: Personalization with Respect. Mozilla aspires to enable personalization—the customization of ads, content, recommendations, offers and more — that doesn’t rely on the user being in the dark about who has access to that information, and with whom that information is shared.

Mike Volpe: 10 Horrifying Stats About Display Advertising (via Internet Marketing Blog by WordStream) You are more likely to complete NAVY SEAL training than click a banner ad....About 50% of clicks on mobile ads are accidental.

John Ebbert: IP Targeting May Replace The Cookie, Says AcquireWeb (via Goodway Group Blog)

Eli Goodman: As Digital Ad Effectiveness Measurement Improves, Are Branding Ad Dollars Ready to Follow? (Sure, if the privacy protection is there. Otherwise, online ads carry all the signal of an incoming email spam.)

Joe Mohen: RTB Is the Most Overhyped Technology Ever

Kevin Conroy: The Third-Party Cookie Divide Is Debilitating the Industry

Ken Doctor: The newsonomics of climbing the ad food chain. Publishers describe their digital ad woe with these terms: “price compression,” “bargain-basement ad networks,” and “death of the banner ad.” Each describes a world of hyper-competition in digital advertising — a world of almost infinite ad possibility and unyielding downward pricing pressure. (via Street Fight)

Syndicated 2013-06-02 15:09:38 from Don Marti

Internet trend: unexplained value of print ads

Making the rounds: Internet Trends 2013 by Mary Meeker and Liang Wu at Kleiner Perkins Caufield & Byers.

Yes, I always jump to the slide about ad spending in each medium compared to time that people spend with that medium.

2012 was a big year for adtech, so the share of people's time and advertisers's budgets that print pulls in should be steadily declining, right?

The December 2011 numbers in the 2012 version have print at 7% of time spent and 25% of ad spending. For December 2012, print has 6% of the time and 23% of the money.

So print's time is down by 14% and money is down by 8%.

There's no correction toward digital. Print continues to command an unreasonably large share of advertising budgets. Spending is down, but proportionally not as much as time.

With the trendiness and bubblyness of digital, we'd expect it to go the other way.

Something deeper than click fraud is going on here. Print is inherently more valuable because it's less trackable, and carries a better signal, and we keep seeing that in these Internet Trends reports.

More: Can privacy tech save advertising?

photo: Kate Ter Haar

Syndicated 2013-05-31 14:02:38 from Don Marti

Software development links, again

Making the rounds...

Git branch / merge: not as easy as advertised

Cray-zy progress! We have boot!

3 things I set on new servers | Simon Holywell - Web developer in Brighton

Components Becoming Major Source Of CVEs (via Wild Webmink)

A short introduction to TPMs (via a technology job is no excuse)

git? tig! (via Hacker News Daily)

coolwanglu/pdf2htmlEX · GitHub (via One Thing Well)

HTTP as Imagined versus HTTP as Found

A Saudi Arabia Telecom's Surveillance Pitch (via Center for Democracy & Technology)

Git prompt: Tell me more

The Go Programming Language Blog: Go 1.1 is released (via LWN.net and The Promised Planet)

Why Go? (via dzone.com: latest front page)

PostgreSQL New Development Priorities: Scale It Now

Your Jabber ID as your Persona identity

Alternatives To Git Submodule: Git Subtree

Volatile and Decentralized: What I wish systems researchers would work on (via Journal of a Programmer)

What Is Persona?

Francois Marier: Three wrappers to run commands without impacting the rest of the system

pybit 1.0.0 - distributed, scalable builds direct from VCS or archives

Always define the language and the direction of your HTML documents, part 02: Backwards English

Prefetching resources to prime the browser cache for the next page

Linux System Programming, 2ed (via Techrights)

Adobe Typekit improves the Rosario typeface family

New Security Feature in Fedora 19 Part 3: Hard Link/Soft Link Protection (via Techrights)

Elevator pitch for Haskell short enough for an elevator ride

Meet the cloud that will keep you warm at night (via Advogato blog for pedro)

Vermont Is Mad as Hell at Patent Trolls and Is Not Going to Take It Anymore (via LWN.net)

Improving the security of your SSH private key files — Martin Kleppmann’s blog (via Hacker News Daily)

About NixOS (via Hacker News Daily)

Don’t abandon XMPP, your loyal communications friend

Stop Using Arial & Helvetica (via daniel g. siegel)

Creating Shazam in Java | Redcode (via dzone.com: latest front page)

Deploying a Web app in 14 days, No HTML.

Syndicated 2013-05-29 13:56:48 from Don Marti

QoTD: Bob Hoffman

Online advertising was supposed to be interactive. It was supposed to rescue us from having to force people into looking at our ads. Consumers were going to want to interact with us, they were going to want to have conversations with marketers, they were going to want to have relationships with brands.
It was all fantasies and delusions based on naive interpretations of consumer behavior by people who had a whole lot of ideological commitment to the web, and very little experience with real world marketing.

Bob Hoffman, Ad Contrarian

Syndicated 2013-05-24 14:17:52 from Don Marti

500 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!