Donald and Jill Knuth have posted about their collection of 962 photos of diamond shaped signs. The post points to two other sites about diamond shaped signs (1 2), as well as to a Google Maps mashup. To complete the webbiness, I heard about this via a tweet from nanofoo.

[Tags: everything_is_miscellaneous knuth diamond_shaped_signs signs traffic_signs road_signs ]

The bloggers who write the posts at the White House blog now are putting their names on their posts. I think this is a terrific move.

As I posted a couple of weeks ago, my interest isn’t in accountability. On the contrary. Usually, we think that along the Continuum of Responsibility, putting your name to something will push you toward the Staying In Line side, while being anonymous lets you run toward the Recklessness goal post. But, it doesn’t always work that way. At a site like WhiteHouse.gov, the anonymity of bloggers reinforced the notion that the blog is a faceless voice of authority, with an adjoining door to the Office of Press Releases. I’m hoping that now that the bloggers are signing their posts, they will feel free-er to speak in their own voices, and present shades of view that are a bit more off-angle, and thus more interesting than the Official View. That’s already been true of the posts of the guest bloggers on the site. Now I hope the official bloggers will feel ok about occasionally saying “OMG!!!! I CAN’T BELIEVE I’M IN THE WHITE HOUSE!!!!!!” except maybe a little more constructively and definitely with the caps only implied.

[Tags: white_house whitehouse obama e-gov e-government e-democracy egov blogs anonymity accountability ]

E Ink has sold itself to Prime View International, a large Taiwanese display manufacturer, and I don’t understand why.

Now, it’s not surprising I don’t understand why. I have no info about E Ink’s financial state other than this article by Robert Weisman in the Boston Globe, and in any case I’m not a great financial guy (and I have the bank statements to prove it). So, my surprise may well be due to nothing but ignorance. Nevertheless, here’s why I was taken aback by the announcement.
E Ink is on a roll in a market that is about to explode (in the good sense). After ten years of work developing a low-power, highly legible display, it’s got something that works. Thanks to Kindle, it’s proven itself in the mass market and it’s in lots of people’s hands. And the market is about to take off now that we have digital delivery systems, a new generation of hardware, and a huge disruption in the traditional publishing market. So, why would E Ink sell itself?

The price — $215M — seems relatively low for such a hot product. If they need the money to fund R&D or to build manufacturing facilities, surely (= it’s not at all sure) there were other possibilities. Apparently the market crisis made an IPO implausible, although, to tell the truth, I — with my weak financial grasp — am not convinced. Investors are looking for places to invest, and E Ink looks like it’s exactly the sort of company they’d love to back: a proven leader in a market that’s obviously on the verge of explosive growth. It’d be like getting in on the early stage of iPods, only potentially bigger, since everyone who reads eventually will have an e-reader. But, if an IPO was out, why wouldn’t E Ink have preferred other forms of investment, including giving a partnership and equity stake to Prime View?

The most likely explanation by far is that I don’t understand what I’m talking about. Another explanation is that the company and its investors simply wanted to cash in by cashing out; the Globe article suggests this. But, that again raises the question of why they’d want to exit a company with a product in a market that’s about to take off. Perhaps they have reason to think the market is not going to take off , but that seems wrong; note that Google yesterday announced it’s going to enter the online book sales business. Or maybe they have doubts about E Ink technology. Maybe they worry the cost won’t drop fast enough for a commoditized market. Maybe color isn’t on its way fast enough. Maybe they’re worried about the inability (or so I’m presuming) of their tech ever to handle video, since the winning e-reader will eventually be multimedia. Maybe they know about ebooks on the way — Apple iPad or whatever the presumed product will be called — that will make static, black-on-gray pages seem obsolete.

So, I don’t know. But it smells fishy to me…although, as I may have mentioned, my financial sniffer has never been very reliable, and I’ll be happy to be set straight about this.

[Tags: e_ink kindle displays ebooks e-books everything_is_miscellaneous ]

The Columbia Science and Technology Law Review is going open access:

…we’ve refined our author agreement (already very liberal) to explicitly ensure that authors retain their copyrights, and we’re making our agreement public on our website. At the same time, we’re also embracing open publication, formally putting our articles under a Creative Commons Non-Commercial No-Derivatives license, and allowing our authors to distribute themselves under even more liberal licenses if they so choose.

Yay!

[Tags: open_access journals law_journals everything_is_miscellaneous ]

From Shannon Clark, from a mailing list, with permission (and a very few light edits because of its original mailing list context):

I just got back from Google IO – but couldn’t hangout as long as I wanted to this afternoon, but I did talk with some of the Wave team.

It is not yet released, they have published dev docs and are taking signups for people who are interested and they are working on opening it up as quickly as possible.

From what I’ve seen so far, it indeed looks exceptionally cool – and is very important to the future of the web.

It is also, and this is a key point, tied closely to the release and support of HTML 5 – so watch how that progresses in Chrome & Safari – Version 4 of Safari is in beta and available easily btw (and watch for the release of Firefox 3.5) – when those are released out of dev into prod supporting HTML 5 I’d predict we’ll see Wave (and likely other surprisingly powerful applications) start to get released that take advantage of HTML 5’s features.

In particular the “Web Worker” feature which allows for a web page to do background processing is pretty key – potentially I suspect also a security concern (though I hope this is not the case) but more practically it means that web pages can do even more intensive processing without killing your ability to switch tabs & keep working (some other moves Google is proposing would enhance this capabilities even further)

The other features are also pretty nifty

– a standard data store to allow for offline applications (without a plugin like Google Gears being required),

– standard ways to do geolocation (where the browser/OS chooses which tools to use to calculate it, the web page only gets the data if you give it permission to do so),

– a video tag also removing yet another plugin being needed – it also allows multiple video elements of a page to manipulated by CSS & Javascript – Google demoed a YouTube page where every thumbnail could play on mouseover – all while loading very quickly) – see http://youtube.com/html5 if you have a dev release which is HTML5 compatible

– a canvas tag which is an area that is pixel level addressable by javascript – allows for really smooth applications to be built & developed

– in talking with people at Google they definitely intend to open source the client & eventually probably the server – currently the whole app is over 1M lines of code which they are reviewing to ensure they can in fact open source all of it (my guess is the would rewrite sections they can’t open source currently – stuff that perhaps uses a licensed library etc)

The plan is for companies or organizations to be able to run their own Wave servers – which might then do federation.

That said, from the conversations it sounds like they have found issues and complications with Federation so that may be a feature left out early on (which isn’t a big deal for the initial releases if Google will be hosting all of the first Waves).

Look carefully at some of the posts about Wave – in particular the distinction between Gadgets & Robots. Gadgets being stuff like the existing OpenSocial apps (which will mostly all work directly) – chess games & other rich, usually social applications which will be embedable into a specific wave.

Robots on the other hand are much like old IRC robots – but can do much more than just respond to a chat/hold a conversation – they will also be able to modify a wave much as any other user – so they could do automated spell checking/translation, could modify/enhance content which is posted (making stocktickers links or the like), and can serve as bridges with other systems – so one of the first Google wrote links specific tweets into a Wave.

Very cool stuff

[Tags: google google_wave googlewave ]

I’m excited about Google Wave, based on TechCrunch’s description of it, and my own fervid projections of what I’d like it to be. If I’m understanding it correctly — and the likelihood is that I’m not … take that as a serious warning — this could be bigger than Facebook and MySpace in terms of how it terraforms the Net.

Social networking sites were hugely important because they addressed a huge lack. The Web knows how pages are linked, but it knows nothing about the relationships among groups of people. SNS’s added that layer. And the smartest of the social network sites treated themselves as platforms on which other apps could be built. Google Wave goes back to the Internet’s most basic layer: people talking with one another. While there are obviously lots of apps and protocols enabling the back and forth gesticulating we call “conversation,” there’s been nothing underneath them all that recognizes that they’re all different ways of doing the same basic thing: IM doesn’t know about email doesn’t know about Usenet doesn’t know about chat doesn’t know about Facebook messaging doesn’t know about Twitter. Each of these ways humans have invented to talk with one another is treated as its own separate app, as different as playing a zombie-killing game and marking up x-rays. In fact, many years ago, a few of us tried to generate interest in what we called threadsML, which we hoped (vainly) would be a standard way for conversations to be shared, stored, and moved around.

Wave, as I understand it, is a platform underneath the multiple modalities of human conversation. It doesn’t care if you’re emailing, IMing, or throwing photos at one another. The structural object is the conversation; the means of conversation is just a detail. [Note: I think.] The fact that you said “No way!” using IM when talking in realtime with a friend who’s reading the same email thread with you no longer will mean your expostulation will have to be treated as a separate app, just as when talking in the real world, we don’t count our hand gestures as something apart from the conversation just because we make them with our hands instead of with our mouths.

So far, Google is (unsurprisingly) doing the right and smart thing, opening it up to developers early on, using the open XMPP protocol, and open sourcing the Google Wave Federation Protocol. If this is to be more than just another app for talking, Google has to treat it like an open platform. The first sign of lock-in will scare away the very folks Google needs if Wave is to be more than just a shiny new set of tin cans and string for those who want to talk with other Google users.

There’s lots that could go wrong. And my understanding of Wave is so preliminary that I’m sorry to be so far out on the limb. But I’ve been waiting on this limb for a long time, frustrated that conversations are splintered by medium when they should be joined by topic and social group. Wave is the first thing I’ve seen that offers a genuine hope for getting this right by starting with the most fundamental social object we have: people talking with one another.

I think.

[Tags: google_wave conversation social_networks social_objects ]

Chris Soghoian is giving a Berkman lunchtime talk called: “Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era,” based on paper he’s just written. In the interest of time, he’s not going to talk about the “miscreants in government” today.

Pew says that “over 69% of Americans use webmail services, store data online, or other use software programs such as word processing applications whose functionality is in the cloud.” Chris’ question: Why have cloud providers failed to provide adequate security for the customers. (”Cloud computing” = users’ data is stored on a company server and the app is delivered through a browser.)

He says that providers are moving to the cloud because they don’t have to worry about privacy. Plus they can lock out troublesome users or countries. It lets them protect patented algorithms. They can do targeted advertising. And they can provide instant updates. Users get cheap/free software, auto revision control, easy collaboration, and worldwide accessibility. Chris refers to “Cloud creep”: the increasing use of cloud computing, its installation on new PCs, etc. Vivek Kundra switched 38,000 DC employees over to Google Docs becore he became Federal CIO. “It’s clear he’s Google-crazy.” Many people may not even know they’ve shifted to the cloud. Many cloud apps now provide offline access as well. HTML 5 (Firefox 3.5) provide offline access without even requiring synchronizers such as Google Gears.

Chris says that using a single browser to access every sort of site — from safe to dangerous — is bad practice. Single-site browsers avoid that. E.g., Mozilla Prism keeps its site in its own space. With Prism, you have an icon on your desktop for, e.g., Google Docs. It opens in a browser that can’t go anywhere else; it doesn’t look like a cloud app. “It’s a really cool technology.” Chris uses it for online banking, etc.

Conclusion of Part 1 of Chris’ talk: Cloud services are being used increasingly, and users don’t always know it.

Part 2

We use encryption routinely. SSl/TLS is used by banks, e-commerce, etc. But the cloud providers don’t use SSL for much other than the login screen. Your documents, your spreadsheets, etc., can easily be packet-sniffed. Your authentication cookies can be intercepted. That lets someone login, modify, delete, or pretend to be you. “This is a big deal.” (The “Cookie Monster” tool lets you hijack authentication cookies. AIMJECT lets you intercept IM sessions; you can even interject your own messages.)

This problem has been wn since August 2007, and all the main cloud providers were notified. It took Google a year to release a fix, and even so it hasn’t been turned on by default. Facebook, Yahoo mail, Microsoft, etc. don’t even offer SSL. Google says it doesn’t turn it on by default because it can slow down your computer, because it has to decrypt your data. But Google does require you to use it for Google Health, because the law requires it. To get SSL for gmail, you have to go 5 levels down to set it.

So, why doesn’t Google provide SSL bu default? Because it takes “vastly more processing power,” and thus is very expensive for Google. SSL isn’t a big deal when done on your computer (the client computer), but for cloud computing, it would all fall on Google’s shoulders. “If 100% of Google’s customers opt to use SSL, it sees no new profits, but higher costs.” “And Google is one of the better ones.” The only better one, in Chris’ view, is Adobe, which turns it on by default for its online image editing service. [Here’s a page that tells you how to turn on SSL for a Google Accounts account.]

Chris thinks that cloud computing security may be a type of “shrouded attribute,” i.e. am attribute that isn’t considered when making a buying decision. But, Chris says, defaults matter. E.g., if employees opt employees into a 401K, no one opts out, but if you leave it to employees to opt in, fewer than half do. Facebook, for example, seems to blame the user for not turning privacy features off. “Users should be given safe services by default.”

Part 3: Fixing it

Chris draws analogies to seatbelts and tobacco legislation. He recommends that we go down the cigarette pathway first: Raise publice awareness so that they demand mandatory warnings for insecure apps. E.g., “WARNING: Email messagew that you write can be read, intercepted or stolen. Click here to turn on protection…” [Chris’ version was better. Couldn’t type fast enough.]

Or, if necessary, we could pass regulations mandating SSL. T he FTC could rule that companies that claim their services are safe are lying.

Q: [me] How much crime does this enable?<br
A: The tools are out there. But there’s no data because intercepting packets leaves no traces.

Q: How about OpenID?
A: The issue of authentication cookies is the same.

Q: Should we have a star rating system?
A: Maybe.

Q: The lack of data about the crime is a problem for getting people to act. Maybe you should look at the effect on children: Web sites aimed for children, under 18 year olds using Facebook…
A: Good idea! Although Google’s terms of service don’t allow people under 18 to use any of their services.

Q: People also feel there’s safety in numbers.

Q: How much more processing power would SSL require from Google?
A: Google custom builds its servers. Adding in a new feature would require crypto-co-processor cards. I don’t think they have those. They’d have to deploy them.

Q: There are GreaseMonkey scripts that require FB to use SSL. Worthwhile?
A: FB won’t accept SSL connections.

Q: Google Chrome’s incognito mode? Does it help with anything?
A: It helps with porn. That cleans up your history, but it doesn’t encrypt traffic.

Q: The vast majority of people where I live don’t lock their house doors. And [says someone else] people don’t lock their mailboxes even though they contain confidential docs.
A: Do you walk around with your ATM PIN number on your forehead? Your bank uses SSL because it’s legally responsible for electronic break-ins, whereas Google isn’t.
A: The risk is small if you’re using a wired ethernet connection or a protected wifi connection.

Q: With seatbelts and smoking, your life’s at risk. For Gmail, the risk seems different. There aren’t data, screaming victims, etc. It makes the demand for regulation harder to stimulate.
A: The analogy doesn’t work 100%. But I think the disanalogy works in my favor: It’s hard to have a cigarette that doesn’t harm you, but it’s easy to have a secure SSL connection.

Q: Shouldn’t business care about this?
A: Yes, CIO’s can make that decision and turn on encryption for the entire org. Consumers have to be their own CIOs.

[from the IRC] Maybe the govrnment wants Google to be insecure to enable snooping.
A: Allow me to put on my tin foil hat. Last year the head of DNI said that the gov’t collects vast amounts of traffic. We don’t know how they’re doing it, which networks they’re collecting data from. If Google and AT&T, etc., turned on SSL be default, the gov’t’s job would be much harder. Google has other reasons to keep SSL off, but it works out to the gov’t’s benefit.

Does Adobe’s online wordprocessor, Buzzword, offer SSL for its docs?
A: Don’t know. [It does] [Tags: security identity_theft google ssl ]

The article in Gizmodo that says that WolframAlpha is racist is ridiculous. Yes, if you search at WA for “dumb,” you get a graphic “synonym network” of associations that leads to “black,” but can we please apply the most basic rule of sympathetic reading and come up with the much more plausible explanation: The network goes from “dumb” to “dim” to a bunch of words related to “dim,” including “black.” This makes WA as racist as Google’s “wonderwheel” for “dumb” leading directly to “dumb blondes” makes Google sexist.

(BTW, those WA synonym trees are pretty useless, at least in Firefox, at least on my computer; hovering over a node doesn’t reveal which word it represents. Maybe it’s just my furshlugginer configuration.)

[Tags: wwolframalpha wonderwheel google everything_is_miscellaneous ]

Wired.com reports that Data.gov has opened to “mixed reviews.” Puhlease. It’s nowhere near what it will be, but OH MY TOASTY GOD, our government is now committed to making public data available in open formats to anyone who wants it. As if it were normal! As if it were obviously the right thing to do! In open formats, people!

So, sure, let’s keep an eye on it. Let’s make sure the news permeates every government department. But first let’s swoon in delight.

[Tags: egov e-gov e-government democracy open_standards open_government everything_is_miscellaneous ]

The Rosenberg spy case, which was a touchstone for the left and the right — or the pinkos and the McCarthyites, as it’s thought of in the Culture Wars — has been made more understandable by the Cold War International History Project by the creation of a Timeglide time line. It’s useful as a supplement to a narrative and as a way to drill down, although by itself it’s not the optimal way of telling the story, nor is it intended to be. (It may also work better for people with brainage opposite to mine.)

I’m not an expert in the case, so I can’t judge its accuracy or completeness. But it’s got lots of links to sources. And it’s a very nice way of organizing a mass of time-based materials.

[Tags: everything_is_miscellaneous history timelines rosenbergs ]