Internet Tech

Take back the Internet

Published May 21, 2014  ·  All posts on May 21  ·  

This is not the Internet the world needs, or the Internet its creators envisioned. We need to take it back.

And by we, I mean the engineering community.

Yes, this is primarily a political problem, a policy matter that requires political intervention.

But this is also an engineering problem, and there are several things engineers can — and should — do.

~ Bruce Schneir from, Take Back the Internet

slip:4usebo4.

I’d venture that the vast majority of regular, everyday people working in technology related jobs are not actively trying to do evil. People go to work, make the best decisions they can and then go home. If that’s true, then it’s going to be nigh impossible to change the momentum of how things (e.g., NSA surveillance) are going. Because in order for it to change, we need to start thinking bigger.

ɕ

Hello App.net

Published April 15, 2014  ·  All posts on Apr 15  ·  ,

App-net-icon

App.net is WAY cool

What makes it cool, different and BETTER is:

  • They built the PLATFORM, (the heavy lifting behind-the-scenes that makes it all work)
  • They wrote the API, (the instructions for how to build things to USE the platform)

…and that’s all they wrote.

Aside: Yes, they did write sample applications. It’s hard enough to wrap your brain around it as it is, let alone if there were no apps to play with. So they built a web-based front end called “Alpha”, (for example.)

You, (dear reader) do not “look at” App.net, and you do not “use it”. You use APPLICATIONS which are built on the App.net platform/API.

App.net is different

App.net charges the developers: They’ve built a stable, powerful and feature-rich PLATFORM. They logically believe that developers will be willing to pay to use the platform.

Developers build applications: They pay App.net for access to connect their application to the platform. For example: Tapbot’s Netbot app is a superlative app using the platform. (App.net also maintains a directory of available apps.)

People use the applications: You, dear reader, choose your favorite application. You can use the free “Alpha”, (that’s it’s name) web front-end that App.net wrote. You can also download an app, (some are even free) from your favorite app store for your mobile device.

So, for example, how do you find me on App.net? Easy: Open your favorite App.net application and look for “cc1315”, my full name, or my email address. If you like to use the “Alpha” web-based application, then I’m /cc1315 . So there’s you using an App.net application! Another example is the application I wrote, (it required three mouse clicks) which enables this blog to push my posts into the App.net platform.

Wait. Wat?

The problem with all the big-name social networks is that they built, own and control the platform AND the application.

By “problem” I mean “things regular-users don’t like.” For example: Ads appearing; Weird algorithms that determine what I actually see and which strong-arm content-creators into paying money to boost viewership; Posts that look like posts but are really ads paid for by advertisers. And things that limit content creators, like: Not allowing posts at all into the platform; Weird rules that limit how posting is done because they don’t want the users leaving the platform to go read  content directly.

This is exactly WHAT WE DESERVE. The companies that built the platforms get to create the rules because they own the platform, control the API and they control the applications. The people USING the social network are the product that gets monetized. So everyone shows up, for free, to socialize. But then the advertisers buy-in to get access to all the people. To the people socializing, it feels like the social club is letting weirdos into the club who roam around asking if we want to buy things.

Don’t believe me? Here are some search-result links:

“why Facebook sucks”
“why Twitter sucks”
“why Pinterest sucks”
“why Instagram sucks”

App.net fixes this how?

Let’s think through the “problem” scenarios…

First, you do still choose who to follow. So let’s assume for this discussion I’m following a couple hundred accounts. (My friends, some favorite businesses, etc)

ads

I see a post from a business, but it’s actually an ad! …how do I make that go away? Current social networks? …you cannot.

Aside: Yes, some social networks let you kill that particular ad, but there are always more to follow. In reality, you’re just TUNING what ads they will show you, not blocking out ads.

With App.net it’s easy: Stop following that account. (Or maybe contact them and say, “yo, less ads please” if you really like their other posts.) App.net won’t let them send you further content, that would be a lousy platform that developers wouldn’t pay to use!

So maybe that ad you see is being shown by the application you’re using… it’s not really coming through the App.net platform… Easy: Don’t use that application. Or maybe pay them to turn the ads off. (Look! An application ecosystem where great apps win out.)

But, (you ask) what If someone tries to write an app to spam ads into the App.net platform? It turns out the platform doesn’t have that ability. (The current social networks have that ability BIG TIME — it’s how they make money.) But App.net makes money from the developers, so they don’t have a “spam everyone” feature in the platform. That’d be a lousy platform that developers would not pay to use.

content filtering

App.net delivers everything from all the accounts you’re following; That’s why developers want to pay to use the platform; It works well! So the applications might filter, or sort, or whatever. (Maybe, show me more posts from my friends whose posts I favorite.) But that’s a feature that you CHOOSE when you select what app to use. Don’t like how the app filters or sorts? …switch apps!

content posting into the platform

Current social networks want you to use their apps to post content. App.net simply moves the content through the platform. (Which is why it’s a great platform that developers want to pay to use.) So anyone can write any application to post content into the network.

Closing thought

The only thing more cool (in social networking) than App.net is Tent.io . With Tent.io, instead of having one centralized platform like current social networks and even App.net, you have one giant fabric which is composed of everyone’s PERSONAL data platform. So Craig’s posts are on Craig’s platform, etc. Then the Tent.io magic moves the messages around between the nodes, prevents anyone from impersonating anyone else, etc.

But that’s another post altogether… :*)

ɕ

Heartbleed: For want of one nail, the kingdom is lost

Published April 8, 2014  ·  All posts on Apr 8  ·  

The Heartbleed OpenSSL problem is big news ( http://heartbleed.com if you’ve been under a rock ). What’s wrong?

In short, Heartbeat allows one endpoint to go “I’m sending you some data, echo it back to me”. It supports up to 64 KiB. You send both a length figure and the data itself. Unfortunately, if you use the length figure to claim “I’m sending 64 KiB of data” (for example) and then only actually send, say, one byte, OpenSSL would send you back your one byte — plus 64 KiB minus one byte of other data from RAM.

Whoops!

Matt Nordhoff from, How exactly does the OpenSSL TLS heartbeat (Heartbleed) exploit work?

So this one, tiny-looking problem brings our entire sand-castle Internet kingdom down. “Secure” web sites turn out aren’t necessarily secure. Worse, they haven’t been secure for some uncertain amount of time. So, anything communicated insecurely, during some uncertain time-frame… is, uh, possibly snooped, stolen, etc. The system admins have to patch the fix in, then redo site certificates, then everything everyone has put to/from those sites, (your login and password for example!) has to all be considered stolen/tainted and has to be reentered.

Bonus: it’s even worse than I’m making it sound: Try this on…

http://security.stackexchange.com/questions/55116/how-exactly-does-the-openssl-tls-heartbeat-heartbleed-exploit-work

http://security.stackexchange.com/questions/55097/can-heartbleed-be-used-to-obtain-memory-from-other-processes

ɕ

Also, people didn’t know to click on images

Published April 6, 2014  ·  All posts on Apr 6  ·  

I distinctly remember:

  1. When inlining of images happened; The first time it was possible to put an image directly INTO the page. And JPEGs man. JPEGs where coooooooooool.
  2. Also, tables. Today, everyone loves to whine about how bad it is to use tables to layout pages. NOT having tables was much, much worse.
  3. And image-maps; The idea that WHERE exactly you clicked on an image, could take you to different content. I won’t even get into what we had to do to make it work… (but it involved: convex polygon mathematics, C code, a compiler, and a DEC Alpha work station.)
  4. …and we had to TELL people, “A lot of images in Skew are links… Click at will!” when we started e-publishing a magazine in December 1994.

So yeah, back in the day we had Mosaic. Then these guys hit it out of the park with:

Navigator was the way millions of people around the world were introduced to the web. Many web technologies and standards, such as as SSL, Java, Javascript, open APIs and support for online media, were innovations that Navigator made mainstream.

Brian McCullough from, On the 20th Anniversary

slip:4uieoe1.

ɕ

Stop data-mining me

Published January 8, 2014  ·  All posts on Jan 8  ·  

Data brokers have pioneered advanced techniques to collect and collate information about consumers’ offline, online and mobile behavior. But they have been slow to develop innovative ways for consumers to gain access to the information that companies obtain, share and sell about them for marketing purposes. Now federal regulators are pressuring data brokers to operate more transparently.

In 2012, a report by the Federal Trade Commission recommended that the industry set up a public Web portal that would display the names and contact information of every data broker doing business in the United States, as well as describe consumers’ data access rights and other choices. But, for years the data brokers have been too busy to build a centralized Web portal for consumers. So, we decided to help them out and StopDataMining.me was born!

~ http://www.stopdatamining.me

Go there. Then, one by one, follow the links to the data mining companies “opt-out” forms. These companies ALREADY know who you are.

ɕ

Control T for TENEX

Published December 8, 2013  ·  All posts on Dec 8  ·  

This magic works via detection of a STATUS control character, Control-T, by the kernel tty driver, which then prints the load line via tty_info() on FreeBSD or ttyinfo_locked() on Mac OS X. It also sends a SIGINFO to the process, so it can run its own routine. See STATUS in the termios(4) man page.

~ Brendan Gregg from, «http://dtrace.org/blogs/brendan/2013/10/05/control-t-for-tenex/»

It is so freakin’ cool when I learn new Unix tricks. It’s like a maze of twisty passages, all alike; Except there’s… oh! A piece of candy! oh! A piece of candy! oh! A piece of candy.

ɕ

It is use cases all the way down

Published August 6, 2013  ·  All posts on Aug 6  ·  

The center of your application is not the database. Nor is it one or more of the frameworks you may be using. The center of your application are the use cases of your application.

~ Bob Martin from, Clean Coder Blog

slip:4utiue3.

6th gen prog lang

Published July 31, 2013  ·  All posts on Jul 31  ·  ,

6th gen prog lang: when you yell to a co-worker, “yo! email me that binary.”

ɕ

Vim koans

Published July 25, 2013  ·  All posts on Jul 25  ·  

An old Unix master came to Master Wq. “I am troubled, Wq. You teach the way of Vim. vi is holy but Vim is not; its code sprawls, its features crowd memory; its binaries are vast, its behavior inconsistent. This is not the way of Unix. I fear you mislead your students. What can be done?”

Master Wq nodded. “You are right,” he said. “Vim is broken. Let us fix it. Shall we begin?”

Tom Ryder from, Vim Kōans | Arabesque

slip:4ugevi1.

ɕ

Javascript must die! Long live Javascript.

Published July 17, 2013  ·  All posts on Jul 17  ·  

For want of a static language the type checker was lost.

~ Dariusz Pasciak from, «http://blog.8thlight.com/dariusz-pasciak/2013/06/26/for-want-of-a-static-language.html»

I don’t write much j/s, but I write enough. Enough that I shouldn’t feel like I’m always struggling to remember how to use an array. An array for crying out loud. “Everything’s an object.” Great. Why?

ɕ