QoTD: Bruce Sterling
Even US Senators are decorative objects for the NSA.
An American Senator knows as much about PRISM and
XKeyScore as a troll-doll on the dashboard knows about
internal combustion.
QoTD: Bruce Sterling
Even US Senators are decorative objects for the NSA.
An American Senator knows as much about PRISM and
XKeyScore as a troll-doll on the dashboard knows about
internal combustion.
Point of order: web site login
This started out as a comment over at the Doc Searls Weblog but IMHO it's worth repeating and expanding. Because someone actually made a working solution to a large-scale problem.
Mozilla Persona is full of win.
Especially compared to “social login.”
Mozilla Persona is not just "log in with [big web company]" with a better logo. It's different, and way, way, better. If you're still complaining about the web login problem, you probably just don't understand Mozilla Persona well enough.
Why? RTFAQ.
The BrowserID protocol never leaks tracking
information back to the Identity Provider.
So you can use your @example.com email addres to log in to whatever sites you like, and example.com never knows which ones.
If your site login method is based on “let’s make users remember complex strings of text, which we know people are really bad at” or “let’s depend on having our users tracked by big companies, which we know people hate” you need to take a short hacking break. Make a simple web application that uses Mozilla Persona, learn how excellent it is, and then never go back.
Bonus link: OAuth
of Fealty by Ian Bogost. The short truth
is this: Facebook doesn't care if developers can use
the platform easily or at all.
And Mozilla would never do anything like that, right? (Seriously. Please don't. Mozilla Persona fanboy here—if you mess it up I'll look like the web authentication version of Zune Tattoo Guy.)
Learning from Second Amendment defenders
The IT industry in the USA depends on the First
Amendment and Fourth
Amendment just as much as the
firearms and ammunition industry here depends on the Second.
Today, though, Second
Amendment rights in the USA are in much better
shape than First or Fourth Amendment rights, and the
collapse of the First and Fourth is
now a high-profile problem for
the nation's IT business. We're
failing
dangerously
where so-called Gun Nuts
have
been succeeding for decades. What are Second
Amendment-based companies getting right that First
and Fourth Amendment-based companies are getting so terribly
wrong?
When a First/Fourth-hostile
regime comes into effect, companies have
to comply, just as firearms manufacturers
have to comply with Second-violating laws when
those pass. But every industry in the
USA basically writes the laws that apply to it. Petroleum
products cannot be
hazardous waste, by definition. The
Pillsbury Doughboy collects a government paycheck.
You
don't need me to go on here. Lobbyists tell Congress,
"If you could pass this set of laws to cover our
industry, that would be super helpful, mmmkay?"
and Congress says, Yes sir.
So why have we as an industry failed on First and Fourth Amendment protections? Because we're not doing some basic political tasks that the Second Amendment crew is doing right.
Fan-friendly vintage products
Firearms sellers understand and use the endowment
effect. For example, users
are happily keeping and using M1911
pistols, based on a century-old design by John
Browning. And even buying newly manufactured
ones. When Grandpa goes to the store for a vintage
product like he's used to, he can get one, not a forced
upgrade to flat design.
Should IT companies devote valuable staff to
maintaining vintage versions? Not necessarily. The largest
producer of M1911 pistols is a company called
Kimber, founded more than 50 years
after Browning's death.
It's hard to imagine a IT company throwing an old
product over the wall instead of killing it. The
conventional wisdom is to do everything possible to
prevent competition with old versions. But now that
the market is mature, we can reconsider that.
Keep the fangirls and fanboys happy, and they'll be writing letters
to Congress instead of THIS NEW VERSION
SUX0RZ!!1!
rants.
Stick together on the basics Ever see a revolver manufacturer come out for a ban on semiautomatics? Or a manufacturer of long-barrelled firearms come out for a ban on short-barrelled ones? Manufacturers treat policy debates as off limits when seeking competitive advantages. One exception, the case of a CEO who wrote one letter to Congress supporting a magazine capacity limit in 1989, was controversial at the time and provokes boycott discussions even today. The Second Amendment scene understands divide et impera pretty well by now. Meanwhile, IT vendors will throw each other, or users, under the bus for a short-term advantage over some other vendor. And incumbent vendors cheerfully support laws that lock out new startups.
The results of that quarter-to-quarter thinking are coming home to roost. Pursuit of lock-in can be great for sales, short-term, but locked-in users can't switch vendors as fast, which makes every vendor's OODA loop unnecessarily slow. Thanks to the decision to pursue lock-in, we've gone from innovation to stagnation and squabbling, and just making everyone rebuild their stuff over and over for different platforms. Meanwhile, the firearms business is letting users swap in independently developed parts while keeping their platform investments. It's news when an IT person makes noise about We do not break userspace! but mature markets take that for granted. <pullquote>The IT industry isn't a baby any more. So it's time to stop raising it on the steroids of forced upgrades and the crack of lock-in, and move it up to the whole-wheat goodness of sustained customer value.</pullquote> Worst pull quote ever. You're basically saying that you'd give steroids and crack to a baby. Also, gluten moms. —Ed.
Product-membership bundling The Second Amendment industries have the NRA, and we've got the EFF. Even accounting for the fact that the NRA is a century older, the EFF is relatively small compared to the user population it serves.
A key part of the NRA's success is vendor cooperation
on membership drives. Just one example: REDRING
Offers 5-Year NRA Membership & Redring Shotgun Sight
Package at 2013 NRA Show.
I have also seen an NRA
membership deal at a company that offers ammunition
reloading supplies. Powder, add to cart, primers,
add to cart, a year of NRA membership, add
to cart. Simple.
IT vendors could easily add EFF membership to product
and service bundles. Yes, the EFF does call out
some vendors on problematic programs, but see stick
together on the basics
above. As the industry grows
up, we'll be putting less and less importance on
infighting, and more on staying in business for the
long term.
Conclusion With the Second Amendment safe for the foreseeable future, and firearms vendors sitting on more orders than they can fill, (thanks largely to NRA publicity—that product-membership bundling was worth it, wasn't it?) a lot of Marketing and Public Policy people there are probably getting a little bored. Time for the IT business to hire some.
(photo: Jan Hrdonka for Wikimedia Commons.)
Deluxe file sync setup for $300
Here's an opportunity you don't see every day.
Send Joey
Hess $300 and he'll work with you to set up
the best possible git-annex system to meet your
needs.
Git-annex is software to sync your files to
multiple devices, including computers and phones,
along with keeping your stuff up to date on your
backup drives and cloud services.
Git-annex gives you a lot of options. Just as Dropbox isn't tied to one platform, git-annex isn't tied to one platform or to one service. You can sync your files to dropbox.com or to a long list of other services. Or use your own server, or use external hard drives. Here's an opportunity to get help figuring out how to make it work for your own projects.
(previously: The most important $11,123 in the software business?)
QoTD: Avdi Grimm
No, [Linux] doesn’t have an official reference platform,
not even whatever PC Linus happens to be using these
days. But for developer workstations, there’s a
de-facto reference platform, and it’s called a
ThinkPad. If you’ve been using Linux for any length of
time you know that if you want a linux desktop machine
to Just Work, you buy a ThinkPad. There is a
self-reinforcing cycle that perpetuates this
phenomenon. Linux developers tend to use ThinkPads, so
they tend to make sure that the hardware is well
supported, so Linux developers tend to buy more
ThinkPads, and so on. I don’t know where it started,
but that’s how it works.
QoTD: Ron Paul
My understanding is that espionage means giving secret
or classified information to the enemy. Since Snowden
shared information with the American people, his
indictment for espionage could reveal (or confirm) that
the US Government views you and me as the enemy.
—Dr. Ron Paul
Believing Bullshit
Why do people believe bullshit? The problem of producing it is covered in Harry G. Frankfurt's On Bullshit, but why believe it?
It looks as if believing an organization's bullshit is an inexpensive way to signal loyalty to the organization. Signaling through contribution requires skill×effort. Believing bullshit requires little effort and there's no multiplier for skill.
Although signaling loyalty through bullshit-belief can be a good strategy for a member, there are clearly adverse consequences for the organization. The organization fails to capture extra, potentially useful, work done as a by-product of loyalty signaling through contribution. Ineffective managers within the organization can manage based on loyalty as shown through bullshit-belief rather than having to evaluate results. And members make incorrect decisions based on bullshit, not reality.
The obvious answer is for the organization to produce less bullshit. Most of the time, the decision to believe something isn't based on what belief is correct, but on what belief shows loyalty. If the bullshit isn't there, the opportunity to believe it is gone. However, much as it would help to have fewer opportunities for members to signal loyalty by bullshit-belief, the organization may need to continue to produce bullshit for other reasons.
A more realistic answer is to give members opportunities for showing loyalty that do not require either effort, which is costly, or bullshit-belief, which is harmful. For example, provide silly-looking clothing for members—anything that people would choose to wear only to show loyalty, and not for other reasons. Or invite members to participate in rituals, as in agile software development methodologies.
(Bonus link: Michael O. Church on the MacLeod Model of organizational sociology.)
Advertising and privacy link dump
First of all, go read Bob Hoffman, Ad Contrarian. Samples: Blogger Math Takes On Facebook Where Are The Brands? The Cheats vs The Morons Coca-Cola: Fizzy Goes Fuzzy Online Advertisers Getting Hosed Time To Clean Out The Stables
More links on advertising and privacy...
Mathew Ingram: Guardian kills its Facebook social reader, regains control over its content
TechCrunch's teachable moment: media sites must own the conversation | Dan Gillmor
Bizarre Upper East Side marketing orgy
: Small Ads
Terry Heaton's PoMo Blog: TV
numbers add up (to a BIG problem) Ads on TV
crossed the line of viewer disrespect a long time
ago.
George Simpson: I have spent the better part
of the last 15 years defending cookie-setting
and tracking to help improve advertising. But
it is really hard when the prosecution
presents the evidence, and it has ad industry
fingerprints all over it -- every time.
in Suicide
By Cookies (via Doc
Searls Weblog and Mozilla
Privacy Blog)
Joshua Koran: The
Real Costs of Cookie-Blocking. This
inadvertently centralizes consumer activity to just a
few players, which according to privacy advocates would
help lead to the very "Big Brother" centralized
database of consumer activity that they are trying to
prevent.
Measuring Brand Lift With Google Consumer Surveys
How Affiliate Adware Affects Your Revenue
Google Takes the Dark Path, Censors AdBlock Plus on Android (via Anil Dash)
Login should be personal and
minimal first, social later.
Users
don't like social login
Ben Adida: Firefox is the unlocked browser. (Let's hope they get the user agent string fixed, though.)
Why we should all worry about being tracked online | James Ball
Jeff John Roberts: Massive bot network is draining $6 million a month from online ad industry, says report
Jeffrey F. Rayport: Advertising and the Internet of Things.
Daniel Lawton at Knife Depot: How Google Sliced Away Our Knife Ads
Curt Woodward: Newspaper Paywalls: Here's Why They’re Really Doing It.
Rebecca Waber: When
Ads Get (Too) Personal. As media — and
the advertising seen on it — become more focused
on smaller groups of individuals, we see less of
the same advertising content as other people do. And
that's a potential blow to advertisers for several
important reasons:....
The Security Skeptic: Ad
Industry Attacks Against Mozilla Reveal Poor Choice
of Campaign Role Models. But rather than
mounting a campaign that attacks Mozilla directly,
IAB/ANA strategy is focused on scaring users by
threatening more advertisements.
Richard Stacy: Why
social media is a dangerous concept. Social
media only really works on the basis of speaking to
small groups of people or individuals. It hardly ever
gives you the scale or reach we assume is associated
with the term media.
Eric Picard: How
targeted advertising can be saved.
At some point, the browsers are going to
unilaterally put an end to this debate about
online privacy and advertising tracking.
More: Our
industry's unethical, indefensible behavior.
People are claiming that if we stop the
targeting, all the value in this industry will
bottom out—that another bubble will burst, and
advertising Armageddon will follow. I disagree. I
believe a huge amount of value can be generated
without marginally ethical behavior.
Also: Why
consumers think online marketing is creepy and The
real reason consumers are creeped out by online
ads.
Alan Schulman: Algorithms
Don't Feel, People Do. This balance between
medium and message has largely been lost, as we seem
more seduced by the algorithms — the containers and
software solutions for delivering messages to devices
— than the evolution or effectiveness of them.
Dax Hamman: Why
retargeting is fundamentally broken. Do we not
recognize that all that advertising we see in
magazines, on TV or hear on the radio is influencing
our decisions? And yet under the digital model of last
touch, all of that value and influence is simply
ignored.
Facebook Knew I Was Gay Before My Family Did
Jack Neff: Nielsen Now Tracks (Almost) Everything You Buy
Why data leakage is hurting our industry
3 things about the privacy debate that don't matter
How a banner ad for H&R; Block appeared on apple.com—without Apple’s OK | Ars Technica
Dan Gillmor says journalists are uninformed about who controls the platforms they publish on
Ken Dreifach: The
New NAI Draft Code: What Ad Networks, Platforms
and Exchanges Need to Know. The Draft Code
“prohibit[s] member companies from using [locally
stored objects] for online advertising activities.
Steve Smith: Is
'Do Not Track' And Opt-Out Already Impacting Audience
Value And Pricing? The report contends that
this increase in the share of users either without
cookies or without third-party data is likely a
result of enhanced public awareness of do-not-track
and opt-out mechanisms. As browsers like Mozilla’s
Firefox and Microsoft’s Internet Explorer make
the do-not-track flag or cookie blocking the default
modes,this share is likely to rise.
Tom Hespos contemplates a
future without third-party cookies: Could
digital survive losing the cookie? Power
would begin to shift back toward single sites with
large traffic volume. In the absence of third-party
cookies, after all, marketers would have to rely
solely on data captured by individual sites in order
to target ads in any compelling way.
More: Why
advertisers need to lose some pricing control
Peter Swire: Open Letters To... | How to Prevent the ‘Do Not Track’ Arms Race (via HubSpot's Inbound Marketing Blog). (Really? Adtech firms are going to replace cookies with "even more sophisticated tracking methods"? All that would do is bring smug cookie-blocking users who are now bored with the whole thing back in for another round.)
John Battelle on the return (or did it ever go away?) of click fraud: We’ve Seen This Movie Before…On Traffic of Good Intent. More: When It’s This Easy To Take Someone’s Money…. Also, Publishers, Ad-Tech Firms, Marketers Need to Connect, Build Trust. (Let me get this straight. 1. Adtech system teeming with fraud. 2. ??? 3. Participants in this system should begin trusting one another.)
The Cookie Has Five Years Left Says Merkle's Paul Cimino (via HubSpot's Inbound Marketing Blog)
Mozilla Blog: Mozilla’s new Do Not Track dashboard: Firefox users continue to seek out and enable DNT
David Kaplan: Casale Finds Browsers' 'Do Not Track' Reduced Cookie Values
Alexis C. Madrigal: If It Wasn't the Pregnancy Tests, Why Did Baby Catalogs Start Arriving at Our House?
Mary Hodder and Elizabeth Churchill: Lying
and Hiding in the Name of Privacy. A large
percentage of individuals employ artful dodges to
avoid giving out requested personal information online
when they believe at least some of that information
is not required. These dodges include hiding personal
details, intentionally submitting incorrect data,
clicking away from sites or refusing to install phone
applications. This suggests most people do not want
to reveal more than they have to when all they want
is to download apps, watch videos, shop or participate
in social networking.
Dan Hon: 2p
– The tyranny of digital advertising.
Ultimately, digital display advertising is boring
and suffers from a glut of oversupply. This is why we
have a pseudo holy war going on between the display
advertising folk and the native advertising folk:
because people ignore interruptive display advertising
and pay attention to interesting content.
Steve Sullivan: Prepare to Board the Viewability Train with IAB SafeFrame
Mozilla Blog: Personalization
with Respect. Mozilla aspires to enable
personalization—the customization of ads, content,
recommendations, offers and more — that doesn’t
rely on the user being in the dark about who has
access to that information, and with whom that
information is shared.
Mike Volpe: 10
Horrifying Stats About Display Advertising (via Internet
Marketing Blog by WordStream) You are more
likely to complete NAVY SEAL training than click a
banner ad....About 50% of clicks on mobile ads are
accidental.
John Ebbert: IP Targeting May Replace The Cookie, Says AcquireWeb (via Goodway Group Blog)
Eli Goodman: As Digital Ad Effectiveness Measurement Improves, Are Branding Ad Dollars Ready to Follow? (Sure, if the privacy protection is there. Otherwise, online ads carry all the signal of an incoming email spam.)
Joe Mohen: RTB Is the Most Overhyped Technology Ever
Kevin Conroy: The Third-Party Cookie Divide Is Debilitating the Industry
Ken Doctor: The
newsonomics of climbing the ad food chain.
Publishers describe their digital ad woe
with these terms: “price compression,”
“bargain-basement ad networks,” and “death
of the banner ad.” Each describes a world
of hyper-competition in digital advertising
— a world of almost infinite ad possibility
and unyielding downward pricing pressure.
(via Street
Fight)
Internet trend: unexplained value of print ads
Making the rounds: Internet Trends 2013 by Mary Meeker and Liang Wu at Kleiner Perkins Caufield & Byers.
2012 was a big year for adtech, so the share of people's time and advertisers's budgets that print pulls in should be steadily declining, right?
The December 2011 numbers in the 2012 version have print at 7% of time spent and 25% of ad spending. For December 2012, print has 6% of the time and 23% of the money.
So print's time is down by 14% and money is down by 8%.
There's no correction toward digital. Print continues to command an unreasonably large share of advertising budgets. Spending is down, but proportionally not as much as time.
With the trendiness and bubblyness of digital, we'd expect it to go the other way.
Something deeper than click fraud is going on here. Print is inherently more valuable because it's less trackable, and carries a better signal, and we keep seeing that in these Internet Trends reports.
Software development links, again
Making the rounds...
Git branch / merge: not as easy as advertised
Cray-zy progress! We have boot!
3 things I set on new servers | Simon Holywell - Web developer in Brighton
Components Becoming Major Source Of CVEs (via Wild Webmink)
A short introduction to TPMs (via a technology job is no excuse)
git? tig! (via Hacker News Daily)
coolwanglu/pdf2htmlEX · GitHub (via One Thing Well)
HTTP as Imagined versus HTTP as Found
A Saudi Arabia Telecom's Surveillance Pitch (via Center for Democracy & Technology)
The Go Programming Language Blog: Go 1.1 is released (via LWN.net and The Promised Planet)
Why Go? (via dzone.com: latest front page)
PostgreSQL New Development Priorities: Scale It Now
Your Jabber ID as your Persona identity
Alternatives To Git Submodule: Git Subtree
Volatile and Decentralized: What I wish systems researchers would work on (via Journal of a Programmer)
Francois Marier: Three wrappers to run commands without impacting the rest of the system
pybit 1.0.0 - distributed, scalable builds direct from VCS or archives
Always define the language and the direction of your HTML documents, part 02: Backwards English
Prefetching resources to prime the browser cache for the next page
Linux System Programming, 2ed (via Techrights)
Adobe Typekit improves the Rosario typeface family
New Security Feature in Fedora 19 Part 3: Hard Link/Soft Link Protection (via Techrights)
Elevator pitch for Haskell short enough for an elevator ride
Meet the cloud that will keep you warm at night (via Advogato blog for pedro)
Vermont Is Mad as Hell at Patent Trolls and Is Not Going to Take It Anymore (via LWN.net)
Improving the security of your SSH private key files — Martin Kleppmann’s blog (via Hacker News Daily)
About NixOS (via Hacker News Daily)
Don’t abandon XMPP, your loyal communications friend
Stop Using Arial & Helvetica (via daniel g. siegel)
Creating Shazam in Java | Redcode (via dzone.com: latest front page)
New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.
Keep up with the latest Advogato features by reading the Advogato status blog.
If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!