This week, I joined Clever as VP Engineering. Clever makes K-12 education software vastly more efficient and effective by simplifying how students and teachers log in. It’s this simple: imagine if you could give teachers and students 10-15 minutes back in every single class. That’s 30-40% more time for actual teaching and learning. That’s what Clever does today, with much more in the works.

I’m incredibly excited about this new adventure, and I want to gush a bit.


My priorities in work are:

  1. people
  2. mission
  3. product

People – strong contributors who know how to work in teams that accomplish more than the sum of their parts – are my top priority. A mission and a product, no matter how good, survive contact with the real world only if backed by strong, honest team players.

A Mission – a clear goal to make a positive, socially beneficial dent in the universe – is my close second priority. Products come and go, pivots happen, but a strong mission gives an organization an invariant, a true north when the storm hits.

And finally, a strong Product. Because once you have great people, and once you have a clear and stable mission, you still need a compelling product to deliver that mission to the market. The product is the last mile of your impact on the world.


Clever meets all three of my priorities in spades.

I am blown away by the quality of people at Clever, starting with co-founders Tyler, Dan, and Rafael, and including every engineer, business-development partner, school experience advocate, recruiter, etc. Clever team members have oodles of education experience, with ex-teachers, ex-DOE, and ex-school-technologists joining hands to build the next-generation education platform. And it’s not just individual quality and skills, as Clever has also built a strong team culture, one that mirrors the values of the education products we want to see. Every team member is always a student, and Clever is a group effort.

The Clever mission is clear and deeply impactful: to save teacher and students time, all the while protecting student privacy and preserving data access controls enforced by schools.

And finally, the Clever product is catching on like wildfire. There remains a mountain of work because there’s a mountain of opportunity to make education software better. But the market is already speaking, and Clever has struck a a very clear chord.

Join Us

We’re a growing team of 20’ish engineers, passionate about applying technology to making K-12 education far more effective. We’re committing to building a diverse team, because teams with a variety of life experiences build better products, and because darnit it’s the right thing to do.

Do you like working on code that makes the world a better place? Do you want to learn from and teach your teammates every day? Do you want to work on hard technical problems not just because they’re hard, but because they’re hard and impactful?

Clever’s a unique place and a unique opportunity. Use your powers for good. Send me a note.


In about a month, I’ll be starting at Square as a Tech Lead on a new project. I’m incredibly excited for a few key reasons:

  1. team: oodles of amazingly sharp people. The interview process was simply amazing, both in how much it forced me to demonstrate as an engineer and in how much I learned about the existing team. I know I’m going to learn a ton. It’s also really nice to see Square’s engineering team contributing significant open-source code.
  2. product: it’s hard to think of a more product-focused company. The Square products (Register, Wallet, Cash, Market) are amazing. The focus on user experience is central to every conversation, and it shows.
  3. mission: Square wants to make commerce easy for businesses of all sizes. This translates in particular into major opportunities for small businesses. And this, in my mind, is what technology is for: to empower the little guys.

For the first time in a long time, my job will require a bit of secrecy. That will be an interesting adjustment for me. On this blog, I’ll continue to write what I think — not what my employer thinks — about technology, policy, etc.

For now, back to vacation. Square team: see you mid August!


Today is my last day at Mozilla. It’s been an amazing ride, and I’m incredibly proud of the Identity Team and of the work we produced together, notably Persona. The team and project are now in the incredibly capable hands of my friend Lloyd Hilaiel. I expect to see continued fantastic work from this team, and I’ll miss everyone dearly. Mozilla is a special place, and I’m grateful I had the chance to experience it firsthand.

I’ll be taking a break for a few weeks. You might see me on this blog and on Twitter from time to time, and I might even tend to Helios Voting a little bit, which has gotten far too little love from me lately. But mostly, I’ll be reading, relaxing, spending time with family. I’m excited about what comes next, and I’ll talk about that more in a few days.


I heard about Aaron Swartz in 2000, when he won the ArsDigita prize. I met him for the first time in early summer 2002, when my little open-source webdev company, OpenForce, joined the Creative Commons team to build the CC web site. That’s also when I met Matt Haughey, whose words helped trigger a bunch of memories in me about Aaron.

Most hackers inevitably meet a younger, better, smarter version of themselves. For me, it happened probably earlier than for most, and it was the day I met Aaron. I was 25, an MIT graduate with a near-perfect GPA, leading my second startup. He was 15 and in high school, self-taught. And he wasn’t just better. He was unbelievable. He mastered complex software topics with an ease that made me look awkward. He got visibly impatient with me. It made me a little bit jealous.

Aaron came to New York City once during the Creative Commons site buildout. He came by our offices, introduced us to the future: newsreaders and RSS. I took him and his father out to lunch for a fancy burger in Soho. He was unimpressed and hated the food. And he said it.

Aaron was brutally honest like that. A few weeks into our work on Creative Commons, Aaron published an update on his web page: “OpenForce… bad, slow, expensive.” I barely slept that night. Here I was, trying to impress one of my idols (Larry Lessig), and this guy was just killing me. I was afraid he was right. I was also mesmerized by his ability to be so direct, so honest, because the truth was all that mattered, consequences be damned.

Over time, I got to understand that none of this technical criticism was personal. Aaron’s standards of openness, expertise, and focus were just incredibly high. By the time we launched Creative Commons, we were on reasonably good terms. We became friendly. We were never very close, and the friendship didn’t get deeply personal. We talked about web frameworks, our mutual passion for a few years (before he moved on to bigger things.) We discussed Creative Commons, semantic web, etc. We chatted over email a bit every few months. We saw each other at a couple of Creative Commons events. I think the last time I saw him in person was in 2006.

One day, he mentioned me in a blog post and called me his friend. I was honored. A year or so ago, we chatted again when he became interested in the work I’m doing at Mozilla. He was excited about what we were doing and started telling people. I was honored, again.

When I heard about Aaron’s JSTOR shenanigans, I reacted much like many others: okay, that was stupid, he’ll get slapped on the wrist and we’ll all move on, because where’s the harm, really? I was pretty busy with my own life and growing family. I didn’t think about his situation very much. I didn’t realize how serious it was getting. I missed how MIT played a role in his predicament (something that makes me incredibly angry right now.) I basically gave to his legal defense fund and moved on.

I wish I’d at least reached out. Said something. Maybe given him an opportunity to vent. It’s unlikely it would have made any difference: he was surrounded by people who knew him far better and who loved him. But you know, maybe. I’m sorry, Aaron, that I didn’t reach out. I’m sorry that the world failed you in the most insane way, that you were put in an unfathomable situation for doing something that harmed no one. That I didn’t appreciate you nearly as much as I could have while you were around.

I spent some time today digging up old photos, and finally found ones I took on the day Creative Commons launched, in December 2002. Here’s a few of Aaron: one with Matt Haughey, one with Glenn Brown and Larry Lessig, one interview with Dan Gillmor, and one on stage describing Creative Commons technology.

Matt Haughey and Aaron Swartz at CC Launch – December 2002

Aaron Swartz, Glenn Brown, Larry Lessig, preparing CC Launch – December 2002

Aaron Swartz interviewed by Dan Gillmor at CC Launch – December 2002

Aaron Swartz speaking at CC Launch – December 2002

I know there was one photo of Aaron, Glenn Brown, and me in front of the Supreme Court on the day of the Eldred argument, November 2002, but I can’t find it. I’ll keep looking.

Hugs to Aaron’s family and friends, we lost someone big.

in praise of hands-on expertise

(I don’t usually share personal stories in public fora, but in this case, and with my wife’s permission, I’m making an exception.)

“Shoulder Dystocia,” said the Obstetrician, as we neared the end of my wife’s otherwise-routine delivery of our son last week. This meant nothing to me. My wife, on the other hand, freaked out. She’s a physician and had understood something I’d missed. My child’s head, which had only just emerged, began to visibly turn blue. I froze and, not for the first time in these medical situations, felt utterly useless.

What followed is best described as a highly coordinated dance. The Doctor started a set of rough and involved maneuvers, with stern orders to the nurse to apply pressure here, apply pressure there. The nurse pushed with one hand and grabbed the phone to call for help with the other. Within 30 seconds, before the additional help even arrived, a shoulder was out, one twist, and then the other. Our son cried and his color quickly turned pink. Cord clamped, scissors handed to me, I cut, doing my best not to shake from the adrenaline. The Pediatric team evaluated our son, and, 5 minutes later, he was in my wife’s arms. His left arm was visibly sore for a few hours. By end of day, though, the pediatrician was confident he had sustained no permanent damage.

So now, a few days later, I am beginning to understand. My son’s shoulder got stuck right after his head emerged. This happens in approximately 1% of births, though oftentimes the situation resolves itself. When it doesn’t, permanent nerve damage is a not-unlikely outcome, with reduced or even no use of the impacted arm. And, because the umbilical cord is compressed, the child cannot breathe. If my son hadn’t been delivered in the 5-10 minutes that followed, he could have suffered permanent brain damage or even died.

Instead, he is a perfectly happy 1-week old baby.

We’re so accustomed to things going well, we forget how quickly things can go wrong. We don’t often enough praise the folks in our society who have deep hands-on experience, with the training to react in a highly coordinated, rehearsed, scientifically proven manner in a matter of seconds. They’re the ones ensuring things go well. Most white-collar professionals, like myself, never need this kind of precise, automatic response. We see it in athletes, but we forget that doctors, pilots, soldiers, and a few others need it too. It’s a response so well learned it’s hard to imagine it could be anything but instinct. So we thank chance, fate, or some other mystical agent. We forget the role of these hands-on experts. We figure we can do without them.

Not so. In that one moment last week, decades of accumulated medical knowledge, analyzed by dozens of researchers poring over thousands of data points, condensed and taught to a team of doctors and nurses, rehearsed through years of training and ingrained through careful checklists, came together so that my son will never need to care that this ever happened. It’s awe-some, in the true sense of the word.

BrowserID and me

A few weeks ago, I became Tech Lead on Identity and User Data at Mozilla. This is an awesome and challenging responsibility, and I’ve been busy. When I took on this new responsibility, BrowserID was already well under way, so we were able to launch it in my second week on the project (early July). It’s been a very fun ride.

Here’s the BrowserID demo at the Mozilla All-Hands last week:

Given my prior work on email-based authentication (EmID, Lightweight Email Signatures, BeamAuth), you might think BrowserID was my brainchild. In fact, it really wasn’t. And, in a testament to the shrinking impact of academic publication venues, none of the BrowserID team had ever heard of my work on email-based authentication before I arrived at Mozila, even though Mozilla folks are quite well versed in the state of the art. But who cares: when I found out about the ongoing work and how we agreed on just about every design principle, I was incredibly excited. And when I realized the fantastic work the team had already done on defining a scaffolding and adoption path for the technology, I was super impressed.

BrowserID started with the Verified Email Protocol, designed by Mike Hanson and Dan Mills, who came up with the approach after extensive exploration of web-based identity approaches over the last two years. It’s a simple idea: users can prove to web sites that they own a particular email address. That’s how they register, and that’s how they log back in the next time they visit the site. BrowserID, the code and site, was initially bootstrapped by Lloyd Hilaiel and Mike Hanson. Shane Tomlinson and I joined the team in June. We now also have an awesome UX design team (Bryan and Andy) and the team continues to grow (yay Austin!)

So, that’s what I’m working on these days: BrowserID and other Identity+UserData efforts at Mozilla. I’m excited to be leading this technical effort. The team is amazing, and we’ve got big aggressive plans to help you control your identity and data on the Web.

my 9.11

Maybe it’s silly to add yet another story to the list of “where I was on 9/11.” I suffered no direct loss, while some people I know did. Many other world events were far, far more awful. But as I did experience 9/11 in person, I feel the need to write down some thoughts, some memories.

On the night of September 10th, 2001, I was having drinks with an old friend (I’m having trouble remembering which friend!) in Chelsea, about 3 miles north of the World Trade Center. We stayed up late. We talked about world politics, terrorism, the Middle East. So when the alarm clock radio came on a bit before 9am (hey, I’m a software guy), with talk of a plane hitting a building, I thought I was having some messed-up dream based on the night’s conversation. By the time I turned on the TV, the second plane had hit. My mom called. “Mom, that’s a second plane, it’s not an accident.” I got a call from my sister who lived a few miles uptown, she was fine, too. I noticed a voicemail from my friend and coworker Josh. His wife, who worked in the WTC, was fine, as she was away on a trip. Then the cell phones went dead.

I threw on clothes and comfortable clothes. I watched the first tower collapse on TV. I grabbed a backpack, put on jogging shoes, and ran out of my apartment on 21st street, between 7th and 8th avenues. From my street I couldn’t see the towers, so I headed to 7th avenue. By the time I got there, all I could see was smoke. I had to ask someone on the street: “where’s the second tower?”

I started walking downtown, towards my office in TriBeCa, about a mile north of the WTC. I panicked for a moment: what if this was just the beginning and more was underway? I stepped into a convenience store, bought 3 candybars and 2 bottles of water. As I walked downtown, I passed cars stopped in the street, doors open, people standing with their radios turned on, straight out of some apocalypse movie. Then I started seeing people covered in dust. I made it to my office just south of Canal St, walked in, and logged on. I think I spent an hour clicking “respond”, writing “yes, I’m fine, more later.”

I found an unused IP address on one of our servers and set up a page to list “I’m ok” messages. Looks like the Internet Archive has a copy. I remember thinking I might be aggregating thousands of messages from around the city, though in the end it was obviously limited to my circle of friends. I guess I wanted to help, in any way I could.

Somewhere in there I chatted with co-workers, emailed our clients and partners, told them we were alright, asked how they were doing. One of our clients was on Wall Street and lost a number of friends.

In the mid afternoon, my friend Greg and I went up on the roof of our office building and talked, looking down Greenwich St towards WTC 7 surrounded by smoke of the collapsed towers. We went downstairs, heard on the radio that WTC 7 had collapsed, ran back up, and sure enough, it was gone. That night, Amanda, Greg, my sister and I crowded into my little apartment, ate frozen pizza and watched the news until we couldn’t anymore.

One of my best friends was stuck in Pennsylvania on a business trip. He wanted to be home in NYC, but couldn’t.

I gave my team the week off.

The next few days were odd.

I wasn’t able to fly out to the West Coast that Friday to see my friend Rodrigo’s new baby.

I stayed up nights listening to fighter jets flying overhead. I participated in far too many email arguments about “how to respond.” I was crazy and emotional. I made stupid, childish arguments. Within a few weeks, I would be calmer and, I think, more reasonable. I wish our leaders had also taken a moment to breathe.

People started going about their business again. There was the smell of burn in the air, but people tried not to talk about it. People were nice. Very nice. I went out a lot. I followed my friend Arjun to see indie bands on the lower east side. I didn’t want to stay in, ever, I needed to go out and be with people. I remember a faux-french band we saw, the guitarist wore an “I [heart] NYC” t-shirt he’d modified to say “J'[aime] NYC”. They didn’t mention the burning buildings. No one talked about it. Instead people went out of their way to be friendly, to reach out, to help.

That was, in some way, the saddest part of that experience. Everyone wanted to help. Doctors waited for the wounded, but none came. People lined up to give blood, but none was needed. People lined up to help downtown but there wasn’t room for everyone. So we tried to help each other, in small ways, every day.

with freedom comes responsibility: open publishing

As of a few months ago, I’m no longer on a publish-or-perish academic track. Mozilla gives me the freedom to publish, but no pressure. Coincidentally, the publishing world is at a bit of a crossroads. Some organizations, like USENIX, are increasingly open: all papers are published for the world to see, many talks are videotaped and available openly. Others, like IEEE, are increasingly closed, with tighter and tighter constraints on authors, more paywalls and obstacles to the dissemination of knowledge.

I’ve got increased freedom, so I intend to use it. Starting today, I will not publish nor review papers destined for closed venues. Academic publications should be available for the world to read, to learn from, to build upon. If you’d like me on your program committee, if you’d like me to review a journal publication, if you’d like me to help with a paper, please understand that I will refuse if the conference/journal isn’t truly open. In the short term, this probably means I’ll only work with USENIX, and maybe IACR which appears to be moving towards true open-access.

My move isn’t exactly courageous. I have the luxury to make this decision, while many of my colleagues do not. I hope a few tenured professors make this move, though, as they have both the luxury and a good bit more influence than I do. Matt Blaze is starting down this path. Dan Wallach is helping tweak the IEEE approach. All of these efforts are incredibly important.

This is about free dissemination of knowledge. This is the point of the Internet. Academics who stand for discovery and learning should be outraged by the direction most publishers are taking today, and should at the very least encourage those publishers who are doing it well. Hesitating between ACM and USENIX? Go with USENIX. IACR holding a vote on open-access publishing? Make your voice heard.

2 months in at Mozilla

It’s been 2 months since I started at Mozilla. I’m working with fantastically talented and friendly people. I’m enjoying myself tremendously and I’m starting to get a sense of what makes Mozilla different from my previous experiences. Put simply, it’s teamwork.

In his speech to Harvard Med School graduates last week (stick with me here, this is relevant), Atul Gawande (author of the Checklist Manifesto), laid out, in his clearest and most convincing argument yet, how the practice of medicine needs to change:

The core structure of medicine emerged in an era when doctors could hold all the key information patients needed in their heads and manage everything required themselves. One needed only an ethic of hard work, a prescription pad, a secretary, and a hospital willing to serve as one’s workshop, loaning a bed and nurses for a patient’s convalescence, maybe an operating room with a few basic tools. We were craftsmen. We could set the fracture, spin the blood, plate the cultures, administer the antiserum. The nature of the knowledge lent itself to prizing autonomy, independence, and self-sufficiency among our highest values, and to designing medicine accordingly. But you can’t hold all the information in your head any longer, and you can’t master all the skills. No one person can work up a patient’s back pain, run the immunoassay, do the physical therapy, protocol the MRI, and direct the treatment of the unexpected cancer found growing in the spine. I don’t even know what it means to “protocol” the MRI.

Gawande tells colleagues they need to work as well-oiled teams. No heros, no cowboys. I believe, and surely I’m not the first, that the same path lies ahead for software engineers.

The open-source and free software movements caught on to this a long time ago. Sure, there are leaders (Richard Stallman, Linus Torvalds, Mitchell Baker.) But more importantly there are teams, incredibly agile teams of developers who rise to the occasion of the software itch that needs scratching. The coordination requirement on most software is usually not that of a medical team treating an emergency patient… except when it comes to releasing Firefox 4 to 100,000,000 users in 84 languages in a matter of days. You need a well-oiled open-source software machine run by a top-notch team, and that’s what Mozilla is.

There are no rock stars, or rather, everyone’s super impressive in their own way but no one is treated like a rock star. Because what matters is the team. This is incredibly refreshing for me, especially coming from academia where, though individual academics are highly collaborative by nature, there is a strong incentive to specialize, find a niche, and be the single rockstar in that niche, because that’s how you get promoted.

So I’m really enjoying Mozilla. And, we’re hiring, so if you want to work on one of the world’s most important pieces of digital infrastructure, drop me a line.


In a few days, I’ll be joining Mozilla.

What started as a fun lunch with Sid and Alex quickly turned into passionate brainstorming with Mike, Pascal, and Lloyd on the Mozilla Labs team. I told them I wanted to deeply explore a few ideas I’ve written about and prototyped (here and here, for example) and more importantly to work on making the browser a true user agent working on behalf of the user. Mozilla folks are not only strongly aligned with that point of view, they’ve already done quite a bit to make it happen. Check out Mike Hanson’s post just a few days ago on using Web Applications for Service Discovery. And check out what the entire team just released: Open Web Apps. Not to mention the less closely related but still totally awesome work Sid and Alex are doing with Do Not Track. This is the first effort I know of that is successfully using technology to declare a preference (“please don’t track me”), which can then be leveraged by policy makers to ensure that it is respected. As a long-time student of the interplay between tech and policy, I love this hack.

My job will be to join this fantastic team and see what I can contribute. I suspect that will involve some privacy, some crypto, some data portability, and a lot of web hacking. I’ll continue to blog here at, though when I speak here I’m speaking for myself only, not on behalf of my soon-to-be employer. And I’ll continue to hack a bit on Helios, my voting system, especially as it continues to inform how one might do advanced crypto in a web browser.

I’m super excited.