
November 2007 Archives

November 14, 2007

ICANN Nominating Committee Review Comments

Earlier this week, I submitted personal comments on ICANN's Nominating Committee Review process (report here). My main points: The confidentiality of the Nominating Committee's proceedings is actually a good thing, and should be preserved, even though we know it comes at a cost. Likewise, the unaccountability of individual members of the nominating committee is important. The chair is critical for the committee's success or failure. While the review report's recommendation to have the chair-elect serve on every given committee is a good one, its recommendations on the Associate Chair and Administrative Director would be positively damaging.

Besides this, there are a number of places where the report seems to recommend fixing issues where none exist; I recommend not doing that.

As far as the Nominating Committee's overall credibility in the community is concerned, I can only hope that, as more people experience its processes first-hand, understanding and acceptance will grow.

November 15, 2007

Facebook: Third-party cookies on steroids

In Privacy versus cross-context aggregation, Wendy Seltzer points to stories by David Weinberger and Ethan Zuckerman about facebook's latest marketing coup: When facebook users go shopping online (e.g., with Blockbuster) then their shopping behavior is pushed to facebook and used for advertising. From Weinberger's description:

The new ad infrastructure enables Facebook to extend their reach onto other companies' sites. For example, if you rent a copy of "Biodome" from Blockbuster.com, Blockbuster will look for a Facebook cookie on your computer. If it finds one, it will send a ping to Facebook. The Blockbuster site will pop up a "toast" (= popup) asking if you want to let your friends at Facebook know that you rented "Biodome." If you say yes, next time you log into Facebook, Facebook will ask you to confirm that you want to let your friends know of your recent rental. If you say yes, that becomes an event that's propagated in the news feed going to your friends.

While, technically, Blockbuster can't look for a facebook cookie, it can give facebook the opportunity to look for it itself, and in the process hand off information about the purchase. That can be done through redirects, frames, or any number of other techniques. Some of these techniques involve JavaScript, some don't. Ultimately, what we have here is the return of the 1990s third-party cookie, but on steroids, and used not just to track users' page views, but to link business information across vendors.

(Not having either a facebook or a Blockbuster account, I don't know what the precise technique used is; I'd be curious to learn more about that. If anyone feels like drilling down further, Tamper Data and Firebug are among the tools of choice.)
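The kind of check one would run over a request capture taken with such tools, as an added example that is not part of the original post: it flags requests that leave the site being visited, carry a cookie for the other site, and pass data along. The hosts, cookie names, parameters and the `findHandoffs` helper are constructed for illustration.

```javascript
// Added example: audit a captured request list for cross-site hand-offs.
// All hosts, cookie names and parameters below are constructed sample data.

// Crude "site" comparison: last two labels of the host name. A real audit
// would use the Public Suffix List instead (assumption made for brevity).
function siteOf(url) {
  return new URL(url).hostname.split('.').slice(-2).join('.');
}

// Flag requests that go to a different site than the page the user is on,
// carry a cookie for that other site, and include data in the query string
// or body. That combination lets the third party tie page data to its user.
function findHandoffs(pageUrl, requests) {
  const firstParty = siteOf(pageUrl);
  const findings = [];
  for (const req of requests) {
    const target = siteOf(req.url);
    if (target === firstParty) continue;          // same site, not a hand-off
    const cookie = req.headers['cookie'];
    if (!cookie) continue;                        // no identifier attached
    const params = [...new URL(req.url).searchParams.keys()];
    if (req.body) params.push(...new URLSearchParams(req.body).keys());
    if (params.length === 0) continue;            // nothing passed along
    findings.push({
      thirdParty: target,
      via: req.initiator,                         // iframe, img, redirect, script
      cookieNames: cookie.split(';').map(c => c.trim().split('=')[0]),
      dataFields: params,
    });
  }
  return findings;
}

// Constructed capture of one checkout page view on a hypothetical shop.
const sampleCapture = [
  { url: 'https://www.shop.example/checkout/done', initiator: 'document',
    headers: { cookie: 'session=abc' } },
  { url: 'https://static.cdn.example/logo.png', initiator: 'img', headers: {} },
  { url: 'https://ads.social.example/event?item=Biodome&action=rent',
    initiator: 'iframe',
    headers: { cookie: 'uid=12345; lang=en',
               referer: 'https://www.shop.example/checkout/done' } },
];

const report = findHandoffs('https://www.shop.example/checkout/done', sampleCapture);
console.log(JSON.stringify(report, null, 2));
```

The shop's own page never sees the `uid` cookie; the browser attaches it to the framed request, which is why the check keys on the request's destination and not on anything the first-party page reads.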

The more general point, though, is independent of the precise mechanism used to pass on the data: Today's Web is an environment in which applications have lots of opportunities to communicate among each other, to aggregate data, and to mash-up information from different sources. What is useful infrastructure in a Web 2.0 application becomes a privacy threat when used maliciously.

Enabling social processes becomes key: How can we make sure Web applications' data flows become comprehensible to users -- both from an infrastructure and a usability perspective? And how can we make sure Web application providers need to state their intentions transparently, providing levers for social and regulatory enforcement? These questions bring us back all the way to P3P; using P3P policies as a trigger for cookie handling in IE6 demonstrated how to use technical capabilities as a lever to enable at least some social transparency of business behavior.

Maybe we need another generation of simple policy languages that enable a similar tie-in, but for a broader set of use cases: Placing cookies in HTTP headers is hardly the main concern any more. Forget cookies if you can get client-side SQL and client-side global data storage. Forget web bugs for data leaks if JavaScript can submit() forms cross-domain (and XForms have the same feature, but declaratively). And forget forms if events can cause the user's every keypress and mouse click to trigger an XMLHttpRequest() object to phone home (soon cross-domain). In today's environment, the ping attribute on links almost comes as a relief, as it enables easier spotting of tracking techniques -- along with easier tracking. If, as a community, we want to use technical levers to entice Web application providers to behave in a socially transparent and responsible way, then we need to take a comprehensive approach, start to understand what technical control points we still have, and how we can use them.

Meanwhile, our best chances of holding sites honest are the kind of public shaming that facebook is experiencing, law enforcement, and regulation (where applicable) -- if anybody notices what's going on, that is.

November 17, 2007

Great Circle Time

The year is almost over, and Richard Ishida reminds us that it's great circle mapper time again.

Here we go...

November 18, 2007

Vernor Vinge, Rainbows End

A close friend recently gave me Vernor Vinge's "Rainbows End"; in case you wonder about the spelling, there's a chapter called "the missing apostrophe". The book's subtitle is "a novel with one foot in the future", and as with most science-fiction, the foot in the present is the one that matters most.

Vinge introduces his reader to a not-too-distant future (2025). To build it, he does not need to break any laws of physics -- (almost) all he describes is built on some plausible and incremental advances over today's technological state of the art, and then some choices that societies might make (or rather, are making) about dealing with it. This world is, in some ways, post-apocalyptic: The next big California quake is a thing of the past, and (though the reader isn't bothered with the details) it's a great success that no major city has been lost for five years. 9/11 is really just a prelude to this world. Weapons of mass destruction are available to "anyone who has a bad hair day", and so this future is one of surveillance and an almost almighty security apparatus. Constraints on technology paired with surveillance are not just a matter of the Great Powers, though: Ubiquitous wearable computing comes with the possibility to subvert others' wearable computers; and there is broad and wide information sharing and use. Forget privacy. Also, right holders' wildest dreams seem to have come true: Microroyalty payments are built into the infrastructures.

How does one live in that society? Writes Vinge:

In the modern world, success came from having the largest possible educated population and providing those hundreds of millions of creative people with credible freedom.

The society that we encounter in this book, then, is focusing on all things creative and playful -- though some of that gets across as shallow, in particular to Robert Gu, one of the book's main characters, who has "lost his marbles" when returning from a decade of Alzheimer's after application of a successful cure; meaning that he's lost both his world-class poetic talent and the ability to hit people where it hurts them most. In the cast of characters, Robert is joined by his grand-daughter Miri, his son Bob, and his daughter-in-law Alice -- along with the somewhat obscure (but key) Rabbit, and a number of security apparatchiks.

With the novel's always interesting and at times scarily plausible future society as a backdrop, these players engage in a tangled game of manipulation, hacks, and adventures, with nothing less at stake than freedom of thought. That story itself makes for an amusing and good read. It's merely serving as a tool, though, to explore the consequences of technological and social choices that we face today.

Overall, an excellent book, and a thought-provoking read.

Update 2007-11-29: The book is available as a free download now. (via BoingBoing)

November 24, 2007

Fedora 8 and the T43 paperweight

It's major upgrade season again. As usual, I used yum to upgrade to the next major release (8, ever so tastefully codenamed "Werewolf") of Fedora. As usual, things went mostly smoothly, with a few glitches:

  • During the upgrade process, yum stalled. After I killed it, the next iteration would fail during the "transaction check": My system had both the fc7 and fc8 versions of certain packages installed, and yum somehow was not able to figure out how to deal with the obvious conflicts between these. So I had to go through things by hand, throwing out all versions of the packages in question (rpm -e --nodeps), and then using yum to explicitly install them. That should have been automatic.
  • Of course, the UI theme has changed a bit again. Fortunately not too much.
  • My Thinkpad's hotkeys (Fn-F4 for suspend, Fn-F5 to turn bluetooth on or off) are suddenly routed through ACPI, so I had to make sure Fn-F4 is treated like a lid closure, and I had to drop in a trivial script to toggle bluetooth when Fn-F5 is detected. That, too, should just work out of the box, without me having to mess around with scripts. (Then again, being in full control of my ACPI setup also means that my machine doesn't suspend when the plug is pulled...)

Most remarkably, it appears as though the ever-flaky Suspend/Resume survived the upgrade. We'll see how reliably.

Later: The fun didn't last long. For whatever reason, the T43 decided to become a rather expensive paperweight shortly after it was all done, by not showing any useful signs of life after a reboot. I ripped out the power cord and the battery, I removed the hard drive, I removed the memory extension -- no change; I couldn't even get the startup message to display. I'm now back to my more than 4 years old R40 and Fedora Core 4 (which happened to still sit around on that machine, in an abandoned version of my home directory). Meanwhile, I'm contemplating the quality of IBM's warranty services (which I'll exercise again this Monday), and possible successors to the T43. Top candidates right now: T61, X61t (or X60t), or the black MacBook.

(I'm fortunate enough to have made a full backup of my home directory earlier today, so at least that's no reason for worries.)

November 27, 2007

Excellent (and DRM-free) news from Deutsche Grammophon

Via TechCrunch: Deutsche Grammophon will open an MP3-based online music store this week.

The store will offer 24,000 albums and box sets encoded in a delectable 320 kbps (over the more standard 128-192 kbps). Six hundred of these albums are no longer available on CDs.

That's truly excellent news, in particular if you consider that Deutsche Grammophon is a label that has many brilliant "historic" recordings in its portfolio -- some Furtwängler, anyone? It will be interesting to see what unavailable albums this Web shop will make available again, legally.

Later: The Shop indeed looks promising. Unfortunately, while Costa Rica and the Philippines are covered, customers from the smaller EU country that I live in have no chance to buy any music there. The joys of living in a tiny country.

About November 2007

This page contains all entries posted to No Such Weblog in November 2007. They are listed from oldest to newest.

This weblog is licensed under a Creative Commons License.