Monthly Archives: August 2005

Authenticating Web Bugs

Leave a reply

This is a long rambling post about an authentication trick I’ve not observed used in the wild. But it’s analagous to two tricks often observed in the wild. This trick is a way to do authentication. It is a hybrid of the web bugs, used by firms to build models of user behavior, and the trick of creating personalized Ads. Like Amazon does for it’s donation buttons.

Here’s the scheme. All authentication schemes sooner or later work by having some third party vouch for the user. At that point there are always, at least, three parties in the game. The user who wishes to be authenticated. The site that wants to get to know him. And finally the third party that already knows the user and who the curious site also trusts.

Lots of third parties get used for this. Paypal has a trick where they satisfy their curiosity by depositing some pennies into your bank account and then you prove that it’s your account by telling them how many pennies they deposited. They also get you to reveal your bank account data as a bonus.

Google recently adopted the trick of sending a SMS message to your cell phone. As an added bonus they get you to reveal you cell phone #.

The most typical technique is to have you reveal your email address and then the curious site sends you an email and you prove that is in fact your email address.

The bank, the cell phone company, the email address provider are filling the role of third party that can vouch for you. Of course these are more or less trustworthy. Any third party with a ongoing relationship might fill this role. You library, you government, your ISP, Amazon, Yahoo, Google, your OS vendor.

So here’s the trick. Any of these could offer a service to curious sites. When you go to set up a new account the curious site could place a web bug or larger image on account set up page.

The trick involves what we put into that image. What if we put a one time pin into that image? The user then copies the pin from the image into the account sign up page. The site he’s signing up with then takes that data and queries the 3rd party site to setup the account.

Of course a firm like DoubleClick can offer fraud protection services without the bother of getting permission from the user, and they could use web bugs to do that. But the key thing here is that the user is explicitly in the loop, he is implicitly granting permission for the trusted third party to help with authenticating him as he sets up the account.

Notice one key thing. While in the examples above the users bank account, cell phone #, or email address was revealed to the curious site. In fact the higher the level of trust the 3rd party enjoys the more serious the bit of information revealed. This scheme breaks that pattern. The 3rd party doesn’t need to reveal anything beyond the fact that they know the user. They don’t have to give up any account data. The user can remain pretty close to anonymous. Of course if more information needs to be revealed that can be arranged.

This scheme is slightly analagous to OpenID. In that system users are prompted by the curious site for their OpenID url. The site then uses that to fetch a page of info about them, and on that page is a pointer to a 3rd party that can vouch for them (well vouch that they control the page in quesiton). But actually this is quite different because the OpenID design forces the user to reveal a universal identifier, i.e. his OpenID url. While this system requires only that the user admit he has a relationship with the the trusted third party.

This is also analagous to the common scarab systems where a site places a branded scarab on their page and the user is encouraged to click on it to authenticate. These scarabs don’t need to be web bugs and usually aren’t. So unlike the Amazon donation scheme only the third party’s brand appear on them and nothing showing how the third party recognizes this users.

Scarab schemes didn’t gain traction in the market. The curious sites hated them because the threatened their customer relationships. The scarab vendors, like Passport, looked like they would stick their nose into the middle of the relationship. One term used for that entanglement is “account linking” the authentication site and the curious site both have account relationships with the user and part of the design for most of these systems involved linking these accounts. Another way to describe the fear that the scarab vendors would intrude on the the relationship of the curious sites is to say that they feared that one account would become subordinate to the other one. For example that before the user could get to his eBay account he would need to pass thru his dominate Passport acount.

The scheme outline here involves no account linking at all. The in this scheme the trusted third party X is only providing a single service – a means for the user to prove to the curious site that he has a relationship with X. That’s it. That’s less likely to threaten the curious sites.

The point of all that is that we reduce the threat to the user and the curious site.

This is also analagous to the capcha schemes. They present a puzzle to the user that by solving increases the site’s confidence that the user is a human. In this case we are asking the user to prove he has a sufficently high quality relationship with a third party site. Since such relationships are, presumably, difficult to obtain – i.e. they take time.

While there are two things I like about this scheme – very little is revealed about the user and no long term account linking is done – it is tempting to do a modicum of durable linking.

After the user enters the pin presented to him the curious site then queries the trusted site to see if that pin is valid. The trusted site can reply yes, no, or it might send back something more complex. Anything more complex implies either more revealing or more linking.

If the third party site hands back a token representing the user that allows further transactions about that user. For example if the curious site uses this to prevent spam his blog that token could be used later to report a spam event back to the trust site. that seems like a fine use. Of course it could also be used to send back more private or slanderous info about the user.

Tokens like the one in that example are common in account linking designs. They denote the linking.

Meanwhile if you suffered thru this entire thing I’m amazed! But here’s an amusing variation on this idea. How about a scheme were you can only comment on a blog if you make a small donation to one of the set of charities selected by the blog’s operator.

Upgrade your Open Source License, Cash back on your cell phone bill!

Leave a reply

This is a note about how to save a few hundred dollars on your Verizon cellphone bill, and why you should seriously consider switching from a BSD or old Apache style license to the new cooler Apache 2.0 license.

Standards reduce the diversity of behavior. Reducing that diversity creates efficiencies and free up resources for other activities, other kinds of diversity. In some cases the efficiencies are huge, as in the example standard of driving on the right. In other cases the efficiencies are subtle, as in knowing somebody is in your tribe and can be trusted to share a stake in the tribe’s commons.

To get a feel for how diverse a range of behaviors appears in the real world it helps if you can get a statistical distribution. For example I’d love to know the distribution over various forms of greetings: the quaker handshakes, namaste, high-five, etc.

Generally these distributions are power-law. The chart on the right shows the distribution of various open source licenses. It’s pulled from an earlier posting.

When a new kind of behavior appears on the scene you get a lot of diversity. People experiment with assorted approaches. Different people care about different things. Some people want a very short license. Some people want credit for their work. Some folks are concerned about protecting the commons. Other people want to encourage adoption. People revise sentences to make them more readable. Lawyers practice their craft, inserting proven boiler plate or look out for whatever they happen to think is in their their clients’ best interests.

These processes generate a lot of diversity, a lot of bogosity, and some innovation. Clearly the entire idea of an open source license was a huge innovation. The discovery that the license could protect the commons was huge. That licenses effect how your code creates and taps network externalities is still not fully understood and even less fully appreciated.

There is a lot of mimicry and random mutation. For example the Apache Group mimicked the license on BSD. A lot of people mimicked the Apache license. Some of those mimics just change the name of who held the copyright, but a lot of them added, removed, or rewrote clauses for various reasons.

This early stage, the bloom of diversity, is followed by a period of consolation. At one level that’s kind of sad. Some cool innovations die out, for example some of the rewrites that made the license more readable don’t survive. Some of the innovations fall by the way because they aren’t tied to the wagon of one of the big winners.

Some of it is good, very good. Craft knowledge accumulates. Interoperablity is enabled, Resources aggregate around the winners. The good ideas are aggregated. The newer Apache license is a perfect example of this process at work. The new license maybe a lot longer, which sad, but it’s a lot more robust. It solves a number of important problems. Problems that really need to be addressing. For example it is a lot more careful about protecting the code from malicious infection by contributor IP rights. It also solves some perfectly silly problems, like how to avoiding having to put your entire license at the top of every source file.

It’s interesting how the revision of licenses is exactly like the problem of upgrading an installed base of software. All those licenses that mimic the older Apache license are like an installed base. It’s very hard to get them to upgrade. The classic metaphor for upgrading an installed base is: Build them a golden bridge, and then set a fire behind them. I doubt anybody can implement that plan in the open source licensing world. I suspect people will try. But that metaphor is an interesting example of how a seemingly minor detail in the license in one time frame can become extremely valuable in a later time frame. It’s one reason that many agreements between a firm and a consumer typically contain a clause that allows the vendor to casually change them later. I gather that Verizon recently changed their cell phone contract and one fall out is that the subscribers can bail without paying the early termination charges.

It is clear to me, that people in the Apache or BSD licensing community would be well served by upgrading their licenses to the new Apache license. Just to be clear that doesn’t imply assigning copyright to the foundation. The new license is just plain better than the old one.

The license is here and the FAQ is here.

Leave a reply


That chart should say: $57K per household; or around $500 a month.

The chart is based on four predictions about the future:

  • Government services: track GDP
  • War: exit strategy lowers the cost to a third of current levels
  • Taxes:
    • Alternative Minimum Tax is revised to not bite the middleclass.
    • Bush’s tax cuts are extended.

You might be curious about how the Congressional Budget Office is manipulated into making assuptions about those that are so very different. For example why the war is entirely off their books.

Each of these has it’s constituency so you can see how the political battles are going to play out. For example there is $1.7 trillion in the Social Security Trust Fund. For example, at $100 dollars a barrel the Iraq oil reserves are worth $30 trillion.

Or you could come at from the other side and wonder who’s going to lend us that money. Currently Asia governments are said to hold $2.3 trillion of our paper.

emacs & ssh directory tracking via tramp

Leave a reply

I use tramp a lot in emacs to edit files on various machines. I also use ssh and shell buffers for all my terminal interaction. This patch lets you set ssh-directory-tracking to use tramp. The patch didn’t apply perfectly to my version of ssh.el, so there was some minor hand work. You then need to set the dir tracking to T. I also needed to change the ssh-tramp-tracking-mode from “sm” to “scp”. It made me happy.

Update:

My current version of emacs (Aquamacs) has this functionality baked in.  So now I have this in my startup file.

(require ‘ssh)
(require ‘advice)
(defadvice ssh (after ssh-fs-hook activate)
(message “tracking…”)
(ssh-directory-tracking-mode))

Asterisk: The Greasemonkey of Telephony

Leave a reply

I love it! GreaseMonkey as role model.

But, it’s an excellent analogy. Asterisk is a cool platform for clientside hacking. I gather there was a time long long ago when all the innovation in telephony ask taking place around PBX being sold to corporations. I gather that bloom of innovation was rolled up and moved back into the central offices after a while.

There is another round of innovation happening around asterisk.

Brian discussed some really creative uses, like an Asterisk based system using a webcam and other components costing under $100 that will ring the line of your choice when it senses movement. Or one of his students, who’s built an Asterisk based wakeup call system built for and used by his peers. Or a system that pings connections for his wireless ISP, and if receiving five timeouts places a call to the support technician including directions, problem description and more. Or a system that allows for a business with offices in geographies as varied as Boston and Tokyo to not only route support calls automatically to the office that’s open, but allow for local calling between them.

Asterisk isn’t particularly friendly, but even so none of those is particularly difficult. I wonder if there is a web site like userscripts.org for asterisk hacks; the closes thing is voio-info.org but that’s more a developer support site rather than a hub of hacks.

Open Source Office

Leave a reply

I see that Sun has set up an Open Source Office in a further attempt to bring some coherence to their strategy and tactics for relating to the open source phenomenon.

This kind of activity can be viewed from different frames. I, for example, haven’t the qualifications to view it thru the Java frame. But let me comment on it from two frames I think I understand pretty well.

Sun has done some reasonably clever standards moves over the years. As a technology/platform vendor the right way to play the standards game is to use it as a means to bring large risk adverse buyers to the table. Once you got them there you then work cooperatively with them to lower thier risks and increase your ablity to sell them solutions. Since one risk the buyers care about is vendor lock-in (and the anti-trust laws are always in the background) the standards worked out by these groups are tend to be reasonably open. Standards shape and create markets. Open enables vendor competition.

This process is used to create new markets, and from the point of view of the technology vendor that requires solving two problems. First and foremost it creates a design that meets the needs of the deep pocket risk adverse buyers. Secondly it creates a market inside of which the competition is reasonably collegial. The new market to emerges when you get the risk percieved by all parties below some threshold.

Open source created a new venue, another table, where standards could be negotiated. Who shows up at this table has tended to be different folsk with different concerns. That’s good and bad.

The open source model works if what comes out of the process is highly attractive to developers (i.e. it creates oportunities for them) and the work creates a sufficently exciting platform that a broad spectrum of users show up to work collegially in common cause to nurture it.

The goals of the two techniques are sufficently different that both approachs can use the word open while meaning very different things. It has been very difficult for Sun to get that. For example the large buyer, risk reducing, collegial market creating standards approach talks about a thing called “the reference implementation” and is entirely comfortable if that’s written in Lisp. The small innovator, option creating, collegial common cause creating standards approach talks about the code base and is only interested in how useful as feedstock for the product they are deploying yesterday.

It’s nice to see that Sun has created an Open Source Office; it’s a further step in coming to terms with this shift in how standards are written and the terms that define the market are negotiated. But, my immediate reaction was: “Where’s the C?” as in CTO, or CIO, etc.

What does the future hold. Will firms come to have a Chief level officer who’s responsible for managing the complex liason relationships that are implicit in both those models of how standards are negotiated? I think so. This seems likely to become as key a class of strategic problems as buisness development, marketing, technology, information systems, etc.

Open source changes the relationship between software buyers and sellers. It has moved some of the power from firm owners and managers down and toward the software’s makers and users. But far more interestingly it has changed the complexity of the relationship. The relationship is less at arms length, less contractual, and more social, collaborative, and tedious.

This role hasn’t found a home in most organizations. On the buyer side it tends to be situated as a minor subplot of the CTO’s job; while of course the CIO ought to be doing some as well. On the seller side it’s sometimes part of business development or marketing even. That this role doesn’t even exist in most organizations is a significant barrier to tapping into the value that comes of creating higher bandwidth relationships on the links in the supply chain.

This isn’t an arguement about what the right answer is because the answer is obvious some of both models. Some software will be sold in tight alignment with carefully crafted specifications and CIOs will labor tirelessly to supress any deviance from those specs. Some will be passed around in always moving piles of code where developers and users will both customize and refactor platforms in a continous dialog about what is effective. The argument here is about how firms are going to evolve to manage the stuff in the second catagory. That’s not about managing risk, that’s about creating, tapping, collaboratively nurturing opportunities.

Vectors

Leave a reply

Evolution of Infectious DiseasePaul Ewald’s book is a rant against conventional wisdom. It opens with a flat out denial: parasites and diseases do not tend to evolve toward more benign relationships with their hosts. The conventional wisdom is based a series of just so stories, an optomism that would do Pangloss proud and a Kansas school board model of evolution.

This stuff has consequences. It’s actionable. Bacterial, viruses, etc. evolve very quickly. When we change their environment they are almost always find ways to leverage those changes. Decisions about public health can leverage that in positive ways. Or, they can blindly ignore it and creating horrible unintended consquences.

I read, rather than skimmed, the whole book because the stories are rich in analogies to the stories I’m most interested in: those about middlemen, platforms, and networks. For example mosquitos act as a intermediary for malaria. In this domain they are called the “vector.” Like the postal system, UPS, or the rail roads they provide transportation services. Understanding many of the stories in this book demands picking apart how how the infecious agent evolves in the face of pressure from both the distribution channel and the host. If the nature of one changes the bacteria (virus, tape worm, etc.) changes to strike a different balance.

There is a facinating insight here: severity of the disease is tied to the nature of the distribution channel. For example diseases which use mosquitos for as their vector, like malaria, are usually more severe than airborne diseases. A mosquito borne disease tends to be severe so it can immobilize it’s host and assure that the mosquito has an easy time feeding and when it does it’s meal contains carries the infection. If we can arrange for the patients to be moved into well screened houses where they can’t be reached by the mosquitos then this scheme falls apart. In which case it’s preferable for the affliction to evolve to keep their hosts mobile – i.e. a less severe varient of the disease emerges. This kind of modeling suggests why the common cold is relatively benign (it needs to keep the host mobile). It is very suggestive about why the trenches and field hospitals of the first world war may have generated the 1918 influensia epidemic; where the army provided continual supply of fresh hosts and mixed them intimately with those infected.

Key to many of the interesting scenarios around networks, standard, and businesses are the situations where the links are made between two different groups and these stories with the disease is the leveraging services of two distince parties seem quite analagous. A middleman, in a business context, covers his expenses by charging the parties on either side, usually differing amounts. So the dating service will charge men more than women while eBay will charge sellers while it advertises to buyers.

The same pattern happens here. Malaria is reasonably benign from the point of view of the mosquito. Analagously the fraud around eBay, the broken hearts around dating services, the viruses on Windows, the spam in your mail box are all reasonably benign from the point of view the intermediaries.

Reading this book you begin to think that any time you see mixing between two classes of actors you need only look and you’ll find a parasite that’s discovered a way to play the middleman. The stories I found the most disturbing are the ones where caretakers become the vector. There is a disease of coconut palms that uses the machette’s of the plantation workers as it’s vector. That story has the horrible plot twist that there are two ethnic groups and only one of these group’s plantations were infected. It had nothing to do with how they ran the plantations, only that the disease agent was issolated because the two groups never exchanged machettes.

He believes, but doesn’t quite have the research to prove, that many of the horribly virilent diseases that have emerged in hospitals over the last few decades can be explained, and then controled, by using these ideas. That these deseases have evolved so they can use the doctors and nurses as vectors and the patients as hosts. The key to pulling that off is to evolve to be benign in the vector and virilent in the host. Any difference between patient and caretaker is an opportunity waiting for a mutation to leverage. Newborns are particularly rich in these differences. So are patients taking antibiotics because they have suppressed their entire spectrum of bacteria. There is an ugly story about an outbreak of murderous diarrhea in Chicago. All cases were traced back to 27 hospitals; but how did they spread between the hospitals?

Escaping the Long Tail – an infectious disease example

Leave a reply

Imagine the plight of the poor bacterium. It want’s to be a big player, but it’s just one of a huge number of bacterium and it’s tough climbing up the rankings. First off it needs to get past that huge barrier to entry, the stomach. Very occationally it manages that. But now it discovers that the ecology it’s entered, the intestine, is crowded with vast numbers of natives. These guys aren’t very welcoming. Worst yet they are well adapted to local market conditions. Early adopters I suspect. What to do?

Evolution of Infectious DiseaseCholera’s solution to this problem is to: appeal to the Government, manipulate the platform vendor, trick the host body. It delivers a swift kick to the digestive track wall, via a toxin, and the host body flushes the entire digestive track. This empties out the ecology of all those pesky competitors. The end result is that Cholera’s ranking isn’t so far down the tail anymore.

I wonder if there is an example of this pattern in business. The direct analogy would require a platform vendor who regularly deals with bad actors by flushing out the entire ecology. Sort of like the police clearing out a marketplace when ever fights start breaking out among some of the market participants. Democratic governments with regular elections might be an example. A varient of the classic problem of regulatory capture. Which then reminds me of the phrase “A new broom sweeps clean.”

In point of fact Cholera’s not particularly interested in capturing the host’s regulatory system. The goal is actually to achieve the maxiumum reproduction and then to spread successfully thru it’s distribution vector; i.e. the water supply.

Some of the management cult memes exhibit that pattern. They aren’t particularly focused on enhancing the operations of the firm but instead infect the minds of the employees who then leave carrying the memes to other firms. Their success is then enhanced by triggering the exodus of existing employees.

Escape from the Long Tail

1 Reply

Ian Holsman wonders about what causes things to rise up out of the long tail. That, certainly is the question! It’s the question the activist asks; how do I get my movement to move? It’s the question standards maker asks, how do I get folks to climb on my bandwagon? It’s the question the entrepeur asks, how do I launch my product, generate my buzz. It’s the question asked of the infectious desease in the jungle, will you become the next plague? It’s the question asked by the investor, when is this idea about to sweep thru the crowd becoming the conventional wisdom? It’s the question that every open source project asks, what keeps the community together and moving forward? All of these domains have answers to the question. It’s amazingly tedious reading your way thru it all!

This question seems to illuminate one of my problems with Chris Anderson’s The Long Tail. He noticed that some business models have managed to dodge this question. They avoid answering the question by betting not on an idea but instead on a vast portfolio of ideas. These businesses are not in the long tail; they are leveraging it. They solve some problem, distribution say, that is widespread. That’s a good thing, and solving it creates advantages for members of the long tail. That creation of advantage energizes them, makes them more mobile, helps them get out of the jungle and into the cities where they can spread more casually.

What Chris is calling the long tail business models are like whales. They feed by straining the vast watery long tail drawing a calories off the occationally lumpy bits So it’s not surprising that Chris frames the Ian’s question in terms of filtering. That’s how the large firms see it. But that isn’t how the small entity sees it.

The whales that Chris first noticed were disruptive about distribution channel; i.e. Amazon, Netflix, etc. can have seemingly infinite shelf space. The giant box stores like Home Depot are another example of this kind of monster. Google, for example, a whale of the filtering kind. What I think of as the “findablity” problem. The Yellow-pages was a precursor of that kind of beast.

The commercial answer to Ian’s question? Buy ad sense ads?

Giving it all away, just to get rich.

1 Reply

Paul Kedrosky writes about the source of superior investment returns; which states that the key is to find the actionable investments where you disagree with the consensus. Certainty, say that gas prices will move in a direction different from the consensus estimate, is one thing but then what action do you take?

In my noodle this got mixed up with a model of group forming I’ve been meaning to write up. It’s from a paper that Karim passed along. In this model the group has a consensus model of the world, while it’s members have their personal models. Call these vectors in belief space. Over time the group’s model shifts, if you are optimistic about the wisdom of crowds it shifts toward the truth. The member models also shift toward the group’s model via socialization, indocrination, etc.

It’s fun to draw analogies between that model and some of the other models (1, 2, 3) of groups.

More interestingly though. One of the canonical dozen questions about open source is why members freely reveal: relinquishing ownership what are presumably valuable bits of knowledge to the commons. You can ask that same qustion in an investment context.

Let’s say you are confident that we are about to transition over Hubbard’s peak and the price of oil will sky rocket. Do you reveal this knowledge to others? To first order the investment answer is no. Instead you go find actionable investments (say long haul railroads on the upside and trucking companies on the downside) and then you just stand by and wait to get rich.

But investing is a funny thing. You get your prize when the consensus model comes into alignment with your investment. Predicting the movements of the consensus is what counts, that’s only somewhat aligned with accurate predictions about reality. When calculating when you’ll be able to cash out the question isn’t “when will I be proven correct” it’s “when will the crowd believe I’m correct.” The sooner that happens the better the investment oportunity.

Investments based on any number of certain events (peak oil, global warming, China’s currency, the US balance of trade, Iraq’s oil reserves, etc. etc.) are most highly leveraged just at the moment before the crowd begins to take them seriously.

For that reason you might freely reveal your more accurate model in the hope of accellerating the crowd’s phase transition out of it’s delusions.

One driver of free revealing can be an entirely selfish attempt to increase the net present value of your investments.