Pages

Saturday, May 24, 2014

How Long Till Location-Sharing Makes Cheating Impossible?

Frictionless, always-on location-sharing has been possible at least since the earliest days of Android (2008). I have been surprised that it hasn't become more common, but I have to think it will. The Google+ implementation is very nice, and there are other options as well.

From the time I first discovered it, I wondered what impact this would have on relationship cheaters. The analogy would be the surge in spouse-installed PC spyware--such as Who, What, When--in the early, pre-cloud, pre-social network days of home computers.

While I doubted by generation would embrace location-sharing, I figured "digital natives" would. Hasn't happened as fast as I would have thought. But still, I have to think it will happen. And once always-on location-sharing becomes normative, how do you refuse or temporarily suspend your significant other? That alone would obviously be the proverbial "red flag".

(I suppose I can also foresee partially-effective countermeasures, apps that interfere with or false-report location. But if you are using something like the built in Google+, that could be hard.)

Thursday, May 22, 2014

DollarShaveClub.com: I Love the Cheapskate Ethos

I love the ethos of no-nonsense consumer frugality and value-seeking in this video and product. I love, love, love the fact that it takes a mean swipe at the fact that any heavily-advertised product must be more expensive than it really needs to be. That is a core belief of mine--any product that is heavily-promoted is certainly too expensive. (Often, not really that good, either--looking at you, Keurig--but definitely too expensive).

Consumers need to train themselves to have that immediate, allergic reaction to all advertising (Thought bubble: "This product is being advertised a lot...look for a more generic knockoff...").


Saturday, May 17, 2014

Some Regulations for Drones

Consumer-level drones are in the news a lot these days. Industries, such as agriculture and film-making, are using them, even though the FAA says commercial uses are prohibited, pending formulation of regulations for them.

Drones offer lots of potential but also plenty of reasons for concern. I have a few thoughts for steps to controlling them.
  • Drones should be licensed with serial numbers.
  • Drones should transmit their location to a registry. If secrecy is required, then that is an option, but requires a special permit and incremental fee. In that case, they still transmit, but the registry is not publicly viewable (but is there if needed by law enforcement, or in the case of liability).
  • Drones should come with governors. The governors would control things like altitude, and distance, putting a ceiling on human error, as much as possible.
  • Defeating the governors should be a severe, possibly criminal, infraction.
  • Stating the obvious--it should be a criminal offense to equip a drone with any form of weaponry.
  • Law enforcement may enforce drone licensing comparable to driver's licenses.  
I think society would be well-advised to start getting this figured out, before it becomes an entrenched right or fact on the ground, like gun rights or using cell phones in cars.

UPDATE 07/20/15: Dave Winer put it well...I can't find the quote at the moment, but to the effect that drones disrupt basic human assumptions about spatial liberty and safety.

UPDATE 07/20/15: This account of drones (unintentionally) interfering with firefighting aircraft, resulting in the loss of ~20 cars and risk of worse, is a good example.

Friday, May 09, 2014

Government: Invest in research, not industries

most people on Wall Street are primarily motivated to make money, but a few people are primarily motivated by an intense desire to figure stuff out.
This is why investing in research, not industries, is where scarce government investment dollars should go. The payoff from research is just tremendous. 

SnagIt: Should be, Could be, the Graphics Editor for Every PC

I've known about SnagIt for a while, and have been using it at work for a couple of years, ever since I discovered we have a site license and it only costs $2 to get it (I think that is correct, take with a grain of salt). Whereas at $50, a retail copy is a bit pricey.

I wonder if SnagIt is missing a market opportunity. While best-known for screen capture, in truth, SnagIt could be the default graphics editor Windows has always lacked. I assume they are making good money at $50 per user, but I think they could go after a much bigger market.

One idea is that Microsoft should acquire or license (or, less auspiciously for SnagIt, clone) them. Every copy of retail Windows should include a version of SnagIt. Another idea would be to have family-friendly consumer pricing. We have 5 PCs in the family. No way am I paying $250 to equip them all with SnagIt. But I would probably pay $50 to do that.

To avoid cannibalizing the full-price version, maybe they need to think about a "lite" consumer version. Not sure, off the top of my head, what features to put in what version. But one candidate would be the fabled "scrolling capture"--where SnagIt almost magically captures a scrolling window. Much more of a professional than a consumer feature.

Wednesday, May 07, 2014

Jargonwatch: Like White on Rice


I never heard the phrase "Like White on Rice" before the past year. I don't care for it. Different sites (such as this one) seem to think the rationale for the analogy is clear and obvious. I don't agree. It is easy to figure out the meaning from context, but I really don't see the analogy being so strong. To be annoyingly technical, white's pigmentary relationship to rice is more "of" than "on".

2022-06-07 Postscript: this one seems to have died out very quickly.

Could App.net have been a better OAuth Authenticator?

App.net started as a paid, no-advertising Twitter clone. I know it grew to be more, stuff that I didn't really follow. I wonder if it could have been a much better OAuth Authenticator?

Tuesday, May 06, 2014

Reasons not to Login with Facebook, Twitter, etc

In the past few years, it has become common for web sites to allow users to create accounts by simply using their Facebook, Twitter or Google logins. I recoiled in horror the first time I saw it, and I thought it was a one-off hack. But then it became ever-more prevalent, and I slowly realized it was sanctioned.

I finally got around to investing about 2 hours of my life in better understanding this. It is part of a standard called OAuth (open authorization). It's interesting, powerful and convenient. But based on my research, I conclude my initial reaction is still valid. OAuth, as I understand it, has some substantial drawbacks (note--for convenience, the examples below refer to "Facebook", but it would be the same for any of the social sites that support the OAuth login buttons):
#1: The most severe is impersonation. When you use OAuth for authentication to, say, the sleaze.com website, sleaze.com retains a token, giving it the indefinite ability to impersonate you, at other sites! (I wonder if this is behind the bouts of bot-generated friend-spam I get periodically.) 
#2: The website or app using Facebook login can, as part of the login request, bundle a request for authorizations to Facebook resources. E.g., "allow this app to post on your behalf" or "allow this app access to your address book". Of course the user has the opportunity to decline, and thereby cancel the login process, but they can't selectively decline the authorization requests. It is all-or-nothing. (Looks like that might be changing, at least at Facebook.)
#3: This creates one more avenue for Facebook to collect data about you. The last thing any of us need.
#4: It is a single point of failure. If for whatever reason, you get locked out of your Facebook account, you are locked out of all your other accounts, too. This could happen by your own mistakes, by Facebook's technical problems. It could also be a vector of attack from someone out to annoy you (try to login in as you to get your account locked).
There is a work-around that mitigates #2 and #3: create a special, fake Facebook account, solely for logins. But #1 and #4 are still problems, so I really don't think this is good enough.

Here is an excellent article on the topic, which pretty much says everything I did, but in far more detail.