Freemium signals stability

Leave a reply

SugarSync, a well liked Dropbox competitor, announce it would no longer offer a free pricing plan.  Josh Gans says all the usual things over here, plus one more thing:

That said, it is hard to see this move as a positive one for the company. One of the things I worry about with backup services is that they will always be there when I need them. But the worry is that the company may go under. This move from SugarSync does not inspire confidence in this regard. It is suggestive of a company under pressure and looking to a possible change in industry practices to keep it going.

It’s true.  You appear mean, desperate and weak If you don’t give a lot.  That’s not an industry practice, it’s a universal.  The details vary.

Selling out your Friends

Leave a reply

Robert Shiller: “It’s not the financial crisis per se, but the most important problem we are facing now, today, I think, is rising inequality in the United States and elsewhere in the world.”  And he won a Nobel Prize.

I have a theory about this problem.  Think of the set of all the world’s supply chains as a network.  I think we need to grow this graph so it’s a lot more bushy at the low-end.  Shrubbery!   I guess this theory shares a lot with Bill McKibbon’s ideas in Deep Economy; or the Prahalad’s ideas in Fortune at the Bottom of the Pyramid.

‘I don’t keer w’at you do wid me, Brer Fox,’ sezee, ‘so you don’t fling me in dat brier-patch. Roas’ me, Brer Fox,’ sezee, ‘but don’t fling me in dat brier-patch,’ …

I continue to harbor great optimism about the Internet,  It can help us with this.  The Internet has an amazing power to enable communities of common interest to form.  These communities are great of shubbery.  Precursors of commerce?  Maybe.

But, it’s worth chewing on the ideas in “how to lose friends and family via mult-level marketing” a posting that Andrew highlights.  Andrew introduces the idea that MLM schemes provide a way for people to liquidate (e.g. convert to cash) their social networks.  Liquidate is what you get when your done the monetizing a social network.  Lots of people are into that.  Monetize – what a word!  What can’t we monetize, my cat?

So while I love the Internet’s power as a host of community forming I must say I’m taken aback by how rapidly capitalism has evolved businesses models that feed on these tender shrubs.

Ironically my social network got infected by one of these parasites just today.   A friend signed up for Venmo, a p2p payment company, and they posted this exciting fact to Facebook on his behalf.  I admit to an unhealthy curiosity about these emerging currency systems.  For example, I think Bluebird is very interesting.  So I went and signed up for Venmo and installed the app.  A few moments later I was distressed to discover it was scanning the entire address book on my phone, maybe a few thousand entries.  If you want to use thier payment network you have to hand over your contacts.  No way to void it.  So I uninstalled, etc.  Who knows if that helped?

I totally get that building out “the network” is an existential issue for companies like Venmo.  Desperate need is an excuse in a starving man, is it an excuse for a start up?  Not that you need to worry about Venmo.  Venmo got bought, and the buyer then got bought by Paypal.  So they captured and sold a network.  That this is what most internet startups need to do worries me.

Returning to shrubbery as a tool to work inequality problem.  No doubt there are many much more ethical ways to convert the small communities into engines of economic activity.  It would be great to have a list.  No doubt looking at MLM business models would inform that search.

Lost Prevention v.s. Insurance Companies

Leave a reply

Consider a fire insurance company.  It sells you some fire insurance.  A bit later you get a letter.  They offers to drop by the house and do a free consultation on how you might lower the risk of fire in you house.  This seems clever and wise on the part of the insurance company.

This is why the insurance industry is very active in setting safety standards across most industries.  A lot of social benefit arises from the pooling of risk, and this kind of standard setting is an example of that.  Agency is not always bad, eh?

But does it ever go the other way?  Can we find perverted situations where the insurance company wants more claims?  Were the loss prevention department becomes the loss assurance department?  Yes we can.

In this story we see the phone companies have intentionally avoided taking steps that would reduce loses that they sell insurance against, i.e. stolen phones.  They intentionally engineer things so there is a vibrant market for stolen phones.  That assures more phones are stolen. That increases demand for insurance.   Insurance policies is very profitable.  It’s good! for the phone company that least.

“Nice phone you got there, would be a real shame if something bad happened to it.”

I’ve written before about scenarios where the problem solver becomes the problem’s advocate.

Using the Referer header in Authentication

Leave a reply

My blog got hacked again yesterday.  Luckily my automation caught it within the hour and I cleaned it up a few hours after that.   It remains a mystery how they got in.  (Update: I’m an idiot and there was an extra testing account that was poorly provisioned.)   I can see signs of a short brute force attack attempting to login in the right time frame.  But I doubt that worked.  I have exceptionally obscure passwords, and I use two factor authentication

But this got me thinking about assorted other ways I could make login a bit more secure.  I could limit which IP address are allowed in.  I could require that the client present a cookie.  There are lots of other standard hacks (and they are hacks) for tightening this up.  Rate limiting is always fun.

But I had a fun idea that I want to share.  What required that the login attempt include a Referer header.   It would be a huge inconvenience to route all my login attempts thru one of my private personal pages.

I know, it’s just security by obscurity, but even sightly unusual authentication requirements will frustrate the script kiddies.

We can make it better than that.  What if we embed a one time key into the header?  For example using TOTP, i.e. what Google Authenticator uses for two factor authentication.  That wouldn’t be very hard to implement.  And, if your feeling your oats you could delegate all the authentication to the site you’re routing your access thru.

You could make a browser plugin that injects this authenticating header when ever you visit certain urls.  And, of course, there isn’t any particular reason to use the Referer header at that point.  Obviously a plug-in of that kind could support a helpful scheme for provision the TOTP setup.

tracking an immovable installed base

Leave a reply

Here’s another example of the ongoing spread of tracking devices.  Cell phone tech applied to grave stones.  Is this first example of tracking applied to what is nominally an immovable object.  The equipment cost for tracking has fallen so low; the costs are now all in the service side of the business; particularly the marketing.

I do hope thunderstorms will be able to trigger howling graves like high-end car alarms in a parking lot.

Contrast that scheme with this tracking scheme where trash bins capture passing device identifiers.  Or this variation $20/year, not shipping yet though.

 

Eliza in BBN-Lisp

Leave a reply

Over in comp.lang.lisp Jeff writes.

With the permission and assistance of the author himself, Bernie Cosell, I have added the original Lisp Eliza to the Eliza Generations collection. Cosell wrote this Lisp version of Eliza at BBN in the mid-late 1960s. (Weizenbaum’s original was written in about 1966 in SLIP, a long-dead Fortran-based symbol processing package.)

See: http://elizagen.org/index.html

Thanks to Peter Seibel for connecting me with Bernie Cosell.

!!YOU CAN HELP!!

One way that you can help is by writing to Deborah Cotton (cot…@hq.acm.org) at the ACM permissions office and encourage them to open source Weizenbaum’s paper, which is still inaccessible under copyright protections.

Second, I’m hoping to create a “perfect” OCR of this code and then macrify it to run on CL with as little modification as possible. You can help create the codebase for this by choosing a single page at random from among the 48 TIFFs, manually entering the code as precisely as possible (including indentation) into a text file, and then emailing it to me: jshr…@stanford.edu. If you decided to do this, here are a few details worth attending to: So that we get good coverage, please really choose a TIFF file at random, e.g., via the moral equivalent of (1+ (random 48)). Please don’t just OCR the TIFF file; I’ve already tried this with very high end OCR tools, and they make terrible encodings of this sort of thing! It would help me do the reconstruction is you put the name of the TIFF file in a leading comment. Finally, if you would like to be explicitly acknowledged for your efforts, please include a comment line for yourself as well. The codebase will be released on github or some such public location. Then you’ll be able to help actually hack it!

Finally, if you know of open source Elizas, in any language, roaming around the net, please send me links to them so that I can update the “more recent” section of the page.

Thanks!

Cheers,
‘Jeff

Which is a delightful boondoggle. And, as I’ve currently got a lousy cold transcription is amount the most strenuous activity I’m up for. So, I’ve done two pages.  This gave me Interlisp flashbacks, which was fun.

They are very short, so you should do a few too.  Grab a random page here.

You can use this bash oneliner to pick a random page

curl -s http://shrager.org/eliza/20131112-Eliza600dpiRawScansRenamed/index.html | grep -o '>Eliz.*TIF' | sed -n $(( 1 + $RANDOM % 48 ))p

and then grab that page from here: http://shrager.org/eliza/20131112-Eliza600dpiRawScansRenamed/index.html

Solar Power

1 Reply
A large solar array in Westboro, who knew?

A large solar array in Westboro, who knew?

I am now an expert on solar power. A few nights ago I listened to a few talks about it, so there. Here are a few things I now think I know.

Solar panels cost has declined, sure. But what about other costs? Not so much. There are lots of other costs: framing, the installation, permitting, financing, site selection, the transaction costs to move power back into the grid, getting your tax rebate, political uncertainties, maintenance, the control electronics, the power-inverters, etc. etc.

For example there was a period a few years back when the price of panels rose, people who built arrays during that interval are a bit cranky about that. For example in my state the tax credit pool is draining out so the current boom is coming to an end.  I was quite amused by one person’s complaint about how hard these projects are to get past a New England town meeting.  That’s was principally about risk and financing.

So, coordination and other harder problems have come to dominate the industry. The cost decline of these systems is leveling off.  This is why you see these efforts to build arrays using robots.

All that makes large projects much more effective v.s. small ones. We have done a lot of projects here in Massachusetts over the last few years, and it’s employed a lot people. But reading between the lines I get the impression that many of those jobs were on little projects where the costs were disproportionately in the coordination costs.

Hot water? It was interesting to see the experts react to a question about solar water heating. They sort of did a collective sigh. Apparently a system that has moving parts and fluids is a pain. I guess that goes to explain why they are so rare. Most of my neighbors have little solar garden lights, none of them have solar heating of any form.

And yet, I look forward to steam-powered garden gnomes.

Gauntlets of Adverse Selection v.s. Healthcare Exchanges

Leave a reply

374px-Running_the_gauntletAdverse Selection is the name for a common syndrome in markets where “market participation is a negative signal.”Adverse Selection is the name for a common syndrome in markets where “market participation is a negative signal.”  For example you always gotta worry if they guy trying to buy life insurance is old and sick, or the guy trying to get a mortgage can’t pay for it.

The new healthcare exchanges have this problem.  The “worse,” i.e. most needy, customers are the one’s mostly likely to struggle thru the frustrating the sign-up gauntlet.

This failing of the software architecture and implementation.  It is required by the system’s political architecture.  The tangle of means testing, shopping metaphor, and the federation of insurance companies, states, and federal agencies forces it.  Let’s just pray engineers and their managers can make the gauntlet less daunting.

ROSWHEEL LCD Waterproof 14 Functions Wired Bike Computer 81491

3 Replies

roswell_bike_computer_81491I was unable to find this info on the web, so this post’s purpose is to provide the info for other folks.

I bought a ROSWHEEL LCD Waterproof 14 Functions Wired Bike Computer 81491 from China via eBay for $3.95.  Naturally it takes a while to for delivery.  The instructions were in Chinese.  I think I’m happy.

If you want to get it into setup mode when you first install the battery.   At that point you need to work quickly.   You can expect to repeat the setup a few times till you get the hang of it.  Once in setup one button advances the setting, and the other button advances thru the steps of the setup (speed units, wheel circumference, initial odometer setting).

There many videos on the net illustrating how to set up other bike computers.  Watch those for further suggestions on how this one works.   There I learned there that it’s a good idea to wrap all the extra wire around the front brake cable.

The wheel circumference is in units of 10mm. I had issues getting the magnet screwed on to the spoke, so be careful about that.  I suspect if you pay slightly more you might get a better design for that, and 1mm units for the wheel circumference.

Later, I recalled the Google Translate app claims  to translate little snippets of text.  It is much improved since I last tried it.  Now, it works!  It’s tedious.  It’s very cool.

I bought it from this eBay seller.

Google’s Enclosure of Android

Leave a reply

steampunk_andoid_caseI do like Ars Technica.

I while back Ars Technica wrote an article about Google’s Play Services on the Android.  They treated Play Services as the solution to a problem, i.e. getting updates to the phone. Carriers, hardware vendors, and users all make this hard.  Platform vendors often run into the problem that their installed base becomes immovable.  Play Services routes around these guys, it has its own update path.  Ars Technica even went so far as to suggest Google might not need to make Android OS releases as often.

At the time I disappointed.  They didn’t seem to recognize how this was really about moving Android from Open Source to proprietary. Well, this new article certainly fixed that! Now they get it.

Google is doing an amazing job of locking down the actors the complement this business. They are gaining control of the users, the hardware vendors, the carriers, and the app developers.  If you do business architecture around Open Source you need to understand this stuff!  The article is a handbook for how to enclose an open source project.

Did they plan this?  Or did it just emerged organically from the nature of the business?  I’d love to know the people who can do the former, but the latter is much easier on one’s conscience.