Month: September 2005

I've been contemplating the web site run by the Bluespamming outfit I wrote about here. Their powerpoint is essential reading – download it and wonder!

For example, consider the flexibility of Bluecasting with respect to who you can track and annoy:

Jason Lee Miller picked up on some of this in a piece he did recently at WebProNews. As Jason says:

“What if, in real life, only 15% of the people you approached for a conversation responded to you? You'd probably feel like a shmuck, a social pariah. Fifteen percent is enough to make a direct marketer's thick head spin, and Bluecasting, sending ads via Bluetooth technology to unsuspecting phone-toting passers-by, offers that promise…

And really, the annoyance factor, once the bug hits the States, is going to be huge. Just try walking by a shopping mall, a subway station, or a town square, for that matter, without your phone constantly buzzing at your side asking if you want to check out the latest exercise machine from Tony Little. Gives me shivers.

But at least we can count on the fact that products will be developed to block “de-listed” signals one day, defending our right to not be annoyed as we catch our planes.

Jason also refers to a piece by Mike at techdirt. He had this to say:

… [Y]ou just have to cringe when some marketers do things so obviously bad that you just know it's going to continue the downward spiral of the view of what marketing really is about.

A few weeks ago, we wrote about a test of a system in the UK called “Bluecasting” which was more accurately described as “Bluespamming”, where terminals were set up to send commercial messages over Bluetooth to unsuspecting people passing by with Bluetooth-enabled mobile phones. The companies behind this plan insist it's fine because rather than just sending you the commercial message, they first spam you to ask you if it's okay if they send you a commercial message.

For some reason, these folks then thought it was terrific that they only wasted the time of 85% of the people they spammed. Sure, compared to direct mail, that's a high return, but it's quite a different situation.

Buzzing someone on their phone as they're walking through a train station is likely to really interrupt them as they're on their way somewhere. Yet, due to blind marketing-think, the folks behind it still are insisting it's wonderful and are expanding the program to bug even more people — pretty much guaranteeing that most folks are going to start turning Bluetooth off on their phones.

The people behind it are in denial about how annoying this really is. According to the manager of some airport lounges where this will be used: “I think it's done very well because it enables the customers [to choose]. It doesn't force it on them.” But, it does force it on users — by pinging them without permission to see if they want the ad. That's the spam. Being interrupted as they're trying to do something else. If it was really completely up to the user, they would just put up signs telling people they could request info or content on their phones using Bluetooth. But actively sending them messages via Bluetooth is intrusive and, to many, many people, clearly seen as spam.

We do have a right not to have our own devices interrupt us.

If people don't get this, we'll just get new devices that conform with the Laws of Identity. They won't allow marketers to hit us over the head, distract us and track our behavior without our consent. They'll reward marketers who develop actual positive relationships with us and respect our right to privacy.

[tags: Bluetooth, Bluecasting, Bluespamming]

Here is some important information, reported in New Scientist, from the Bureau of Intrusive Stupidity:

Ignoring adverts is about to get a lot tougher with the development of billboards and advertising posters that use Bluetooth to beam video ads direct to passing cell phones.

Is this the return of the repressed? I thought that was over.

Don't you love it? The video ads are not directed at us – who are, after all, people who have had their fill of peddlers sticking things in our faces. They are directed at passing cell phones. No, but wait:

As people walk past the posters they receive a message on their phone asking them if they wish to accept the advert. If they do, they can receive movies, animations, music or still images further promoting the advertised product.

Yes, we are lonely and need to be contacted by billboards. We desperately want them to phone us. Isn't there a song about this?

“It's all about delivering high quality content, tailored for mobile usage,” says Alasdair Scott, co-founder and chief creative officer of London-based Filter UK, who created the system, called BlueCasting.

Chief Creative Officer? Give this man treatment immediately! I wonder what his mother says?

Here is an example of what he calls “high quality content”.

The posters detected 87,000 Bluetooth phones over a two week period, of which about 17% were willing to download the clip, says Scott.

Right. Would you be expecting a phone call from a billboard? Not really. You might take the first call.

If BlueCasting still sounds too intrusive, there is always one solution, says Whitehouse: “Just make sure your Bluetooth device is set so that it’s not discoverable to other devices.”

How dare Mr. Whitehouse tell me I need to turn off my phone's discoverability if I don't want his billboards connecting to my device?

No. I should not be bothered by passing billboards unless I subscribe to the Billboard Interruption Service, or whatever these people are going to call it. It had better be “opt in”. Of course, Bluetooth's fixed addresses (in contravention of the Fourth Law of Identity) make it easy to put your phone's tracking key on such a list – so you can get your fill of billboard spam.

Meanwhile, where is the noble Steve Mann? With his digital glasses, you can opt to have billboards filtered out of your vision, if you want. Or just particular billboards, if you grow to detest some which are run by demented goofs.

People are coming up with some really interesting new proximity technologies whereby if a person wants to obtain information from a poster, she can take a simple action (like clicking her phone) to get it. Such a technology does not intrude, and can succeed. As for this one, not only would I not invest – but, to quote Jamie Lewis, I'd rather keep my money in a shoe.

Until then, I take this as just one more sign that Bluetooth needs desperately to evolve to a new standard in compliance with the Laws of Identity.

[tags: Bluetooth, Bluecasting]

From New Scientist via slashdot, some concete numbers to anchor estimates of impending bitrates in wireless connectivity:

Cellphones capable of transmitting data at blistering speeds have been demonstrated by NTT DoCoMo in Japan.

In experiments, prototype phones were used to view 32 high definition video streams, while travelling in an automobile at 20 kilometres per hour. Officials from NTT DoCoMo say the phones could receive data at 100 megabits per second on the move and at up to a gigabit per second while static.

At this rate, an entire DVD could be downloaded within a minute. DoCoMo's current 3G (third generation) phone network offers download speeds of 384 kilobits per second and upload speeds of 129 kilobits per second.

The technology behind NTT DoCoMo's high-speed phone network remains experimental, but the 4G tests used a method called Variable-Spreading-Factor Spread Orthogonal Frequency Division Multiplexing (VSF-Spread OFDM), which increases downlink speeds by using multiple radio frequencies to send the same data stream.

The article goes on to say:

Some countries have already begun cooperating on [such 4G] standards. Japan and China signed a memorandum on 24 August to work together on 4G. NTT DoCoMo hopes to launch a commercial 4G network by 2010.

[tags: Wireless, Future Trends]

Steven Grimaud has written to point out Bruce Schneier‘s very nice posting on the heartbreak of global secrets:

Global secrets are generally considered poor security. The problems are twofold. One, you cannot apply any granularity to the security system; someone either knows the secret or does not. And two, global secrets are brittle. They fail badly; if the secret gets out, then the bad guys have a pretty powerful secret.

This is the situation right now in Sydney, where someone stole the master key that gives access to every train in the metropolitan area, and also starts them.

Unfortunately, this isn't a thief who got lucky. It happened twice, and it's possible that the keys were the target:

The keys, each of which could start every train, were taken in separate robberies within hours of each other from the North Shore Line although police believed the thefts were unrelated, a RailCorp spokeswoman said.

The first incident occurred at Gordon station when the driver of an empty train was robbed of the keys by two balaclava-clad men shortly after midnight on Sunday morning.

The second theft took place at Waverton Station on Sunday night when a driver was robbed of a bag, which contained the keys, she said.

So, what can someone do with the master key to the Sydney subway? It's more likely a criminal than a terrorist, but even so it's definitely a serious issue:

A spokesman for RailCorp told the paper it was taking the matter “very seriously,” but would not change the locks on its trains.

Instead, as of Sunday night, it had increased security around its sidings, with more patrols by private security guards and transit officers.

The spokesman said a “range of security measures” meant a train could not be stolen, even with the keys.

I don't know if RailCorp should change the locks. I don't know the risk: whether that “range of security measures” only protects against train theft — an unlikely scenario, if you ask me — or other potential scenarios as well. And I don't know how expensive it would be to change the locks.

Another problem with global secrets is that it's expensive to recover from a security failure.

And this certainly isn't the first time a master key fell into the wrong hands:

Mr Graham said there was no point changing any of the metropolitan railway key locks.

“We could change locks once a week but I don't think it reduces in any way the security threat as such because there are 2000 of these particular keys on issue to operational staff across the network and that is always going to be, I think, an issue.”

A final problem with global secrets is that it's simply too easy to lose control of them.

Moral: Don't rely on global secrets.

[tags: Global Secrets, Bruce Schneier]

I'm glad to say that my long-time friend Bob Blakley of IBM has started what is guaranteed to be a fascinating blog called “Ceci n'est pas un bob“. He's writing with a philosophico-literary bent about what he calls the “axioms of identity”. To get you hooked, here is his first piece on the axioms.

‘Pam commented:

‘”If you were to open an old photo album, and see a picture, let's say this picture was taken by an aunt or uncle. And this picture showed one of your children at christmas, looking up with delight just after they found out what their present was. Would you look at that picture and see that the lighting was all wrong, and that cousin Mervin was picking his nose in the background – or would you register that this loved one of yours was experiencing a moment of joy? Isn't it possible that you would register both? And that the emotion that is valid for you and a small handful of people within this very specific context makes up for the artistic absence?”

‘This is precisely right! I would register both a (negative) feeling for the photographic aesthetics and a (positive) feeling about my child. And a small group of people who know my children would register the second feeling, too (they might not register the first feeling, unless they too have The Photographer's Eye) – but most viewers would have either just the first feeling (“that photo sucks”) or they would have the first feeling together with a generic feeling of affection toward a child at Christmas.

‘Why does my feeling about this (hypothetical) photograph differ from the feelings of the multitudes who might view the photo on flickr? Because of the first axiom of identity:

‘IDENTITY IS SUBJECTIVE

‘Umberto Eco has said that a novel is a machine for generating interpretations; the same thing is true of a picture. But which interpretation a picture generates depends on one's experience.

‘When I see a picture of my own child, I recognize the child. Because of my experience, I know a rich, detailed story about the child, and I associate the picture with that story (the story is, from my point of view, my child's identity – since An Identity Is A Story).

‘A stranger – someone who doesn't know me or my children – has nothing to associate with the picture when she sees it, but she has to react anyway.

‘Because the stranger's experience does not provide her in advance with a story to go with the picture, she has two choices:

• She can associate the picture with a generic story which seems suitable to the content of the picture (here she may be using something like a Norman Rockwell painting of a child opening Christmas presents as an archetype).
• She can have a purely aesthetic reaction to the picture, without thinking of any story at all.

‘The picture doesn't contain either my version of my child's identity story or the generic story which the stranger makes up when she sees the picture; it's just kind of reference to those stories. Over time, more and more people either forget the stories, or forget what the subject of the stories looked like; this tends to disassociate the picture from the stories and make the picture less useful as a reference. (I remember a photo.net thread which asked “what do you most wish were in old pictures?”; the best answer was “name tags”.)

‘There's an important lesson here for people who want to use biometrics as identifiers; biometrics are essentially pictures of people, and people change over time. The practical effect of this is that the biometric database, over time, will tend to “forget” what the subjects of its stories look like (because it will be relying on old pictures) – and indeed one of the design parameters for biometric systems is the rate at which peoples’ physical features change.

‘In fact, of course, everything about a person changes over time – his physical appearance, his attitudes and beliefs, his creditworthiness, his address, his name (OK, more often her name), his bank account number, his employer, and so on. This is in fact our second axiom of identity:

‘IDENTITY CHANGES OVER TIME

‘This is blindingly obvious if you think about it; if An Identity Is A Story, then of course an identity will change over time – because the story keeps developing (unless you're reading some awful psychological novel or play where nothing ever happens).

‘But let's leave discussion of the second axiom for a future post. We haven't yet exhausted the riches of Eco's observation that a story is a machine for generating interpretations.

‘Anytime there's a story, there's also a storyteller and an audience. The storyteller has an intention in telling the story – just as I have an intention in taking a picture. But the members of the audience don't necessarily know what that intention is, and they don't share all of the storyteller's experiences; they bring their own attitudes and experiences to the the campfire around which the story is told.

‘Each listener's attitudes and experiences generate a unique interpretation of the story, just as Eco observed. And this means, of course, that if I tell an identity story, each member of my audience hears a different identity story. So when our first axiom says that IDENTITY IS SUBJECTIVE, it's not just saying that different observers know different parts of the same story. Even if two listeners hear exactly the same story, each of them feels and remembers a different story.

‘If you think about it, this is why more than one credit agency can exist; if all credit agencies had the same algorithms for taking information about me and turning it into a credit report, or a credit score, then they would all be delivering exactly the same product, and there would be no basis (except price) for competition and no reason to consult more than one agency. It's precisely the subjectivity of identity that creates the possibility of, and the need for, competing services.

‘Eco is careful to note that no interpretation should be considered privileged or canonical (as indeed the credit agency example makes clear; if one agency's interpretation were correct, that agency would be able to put the others out of business quickly).

‘The storyteller's own interpretation is particularly suspect (Eco writes “The author should die once he has finished writing. So as not to trouble the path of the text.”) What he's saying here is that interpretations are essentially subjective – that there can be no such thing as a true interpretation. And this too is true of identity stories; certainly the person the identity story is “about” is an unreliable narrator – he's got too much invested in the happy ending to be trusted to give us the unvarnished truth – but he's also the only one who knows all the facts!

So far, I'm in agreement with the “grand lines” of Bob's argument, and appreciate how beautifully he has presented his ideas.

Rather than expressing them as “Laws” or “Axioms”, I captured the ideas of subjectivity and change in the very definition of digital identity on which the Laws rest:

A digital identity is a set of claims made by one digital subject about itself or another digital subject.

Subjectivity is built in to the definition.

At the same time, I adopted the OED's definition of claims as “an assertion of the truth of something, typically one which is disputed or in doubt”; and defined a digital subject as “person or thing represented or existing in the digital realm which is being described or dealt with”.

The introduction of this notion of doubt is really no different from saying, “no interpretation should be considered privileged or canonical.”

I continue to feel it is better – given my role and goals with the metasystem – to avoid discussions of ontology and phenomenology, about which I fear humankind will continue to disagree. But Bob's piece explains some of the thinking that led to the definitions I proposed, and pulling these ideas out as “axioms” deepens the discussion.

I'm looking forward to having Bob joining the discussion. He has a wonderful mind and a great deal of experience in everything related to security.

[tags: Identity, Digital Identity, Bob Blakley, Umberto Eco, Axioms Of Identity, Laws Of Identity]

I've just been catching up on what Eric Norlin has been up to recently – the truth is I lost track of his feed when he moved his thinking from his old place to here.

Note to community: We have work to do on making it less painful to change URLs when using RSS. Could there be a special tag we could put in the last posting at OLD-URL that tells peoples’ blog readers to change their configuration to NEW-URL? Can Dave Winer devise such a thing – or is there some capability defined and I just don't have software that takes advantage of it?

So anyway, I assumed Eric was on vacation… But no way! So I missed some good stuff.

For example, without Eric to point it out, I missed this bizarre proposal by Jonathan Schwartz for government regulation of DRM standards.

And then there was this piece on the simplifying identity assumption being made these days in Malaysia – elimination of all segregation of context, and use of one government-issued identity for every aspect of life. The card conveniently conveys all the ‘necessary basic information’ – like your religion and ethnic group – and will be used for everything from driving to health insurance to credit transactions and digital signature. Could it be more than accidental that this “identity simplification” has evolved in a country which, according to Amnesty International, is plagued with “a pattern of human rights abuses such as fatal shootings, torture and deaths in custody”?

Eric also picks up on Doc's really interesting new work on Splogs:

‘Doc has posted a great blog entry about the rise of Splogs (spam blogs) and what it means for “content.”

‘In essence, Doc sees a possible world in which sites like Google allow “passport like” sign on to paid content that is free of splogs and comment spam, thus relegating the “rest” of the web into something similar to what some Microsoft guys once called the “darknet.”

‘His question to us identity folk has been – “can the identity metasystem solve this?” The answer of course (theoretically) is yes.

‘What's fascinating about this is that identity is on both possibles of this equation:

‘1. in the proliferation of the Darknet, identity enables the walled gardens of paid content to develop, while the rest of the net languishes in identity-poverty like the poor living outside the castle wall.

‘2. in the brighter future, identity isn't a divisive “enabler” but an underlying infrastructure for the entire Net.

‘I'm betting that #2 brings about more innovation and economic opportunity, as it fosters a more open and efficient marketplace.

‘Clearly, we've got some work to do. And clearly there are some bumps in the road and dark days ahead.’

Hope everyone else updates to Eric's new rss feed.

[tags: Identity, Eric Norlin, Digital Identity World, Doc Searls, Splogs]