when selfish acts become altruistic

My first open-source contribution was in 1998, when a ragtag bunch of web hackers and I published the first version of one of the first web application toolkits. In 2000, after I’d left the original project, a few other hackers and I “forked” that codebase to make it work on an open-source database, meaning we took the code, copied it to a different repository, and took it down a different path than that envisioned by its maintainers. That has always been the beauty of open-source: if you don’t like the direction of the software, you can always fork it. The … Continue reading when selfish acts become altruistic

the French like their strikes like Americans like their guns

This week, French taxis went on strike because the government passed a law that made Uber and other modern chauffeur equivalents artificially less competitive… but apparently not sufficiently less competitive, and that was a tragedy that only a massive strike could rectify. Then when people jumped into Uber cars because, hey, there were no cabs, those cars were attacked, leaving some passengers bleeding and stranded on the side of the road. If you go read the French press, these assaults on completely innocent people are footnotes. “Incidents.” “Scuffles.” It’s enough to make your blood boil, really, that no one other … Continue reading the French like their strikes like Americans like their guns

there are 3 kinds of crypto

When we use terminology that is too broad, too coarse-grained, we make discussion more difficult. That sounds obvious, but it’s easy to miss in practice. We’ve made this mistake in spades with crypto. Discussing the field as one broad topic is counter-productive and leads to needless bickering. I see 3 major kinds of crypto: b2c crypto, b2b crypto, and p2p crypto. I suggest that we use this terminology consistently to help guide the discussion. We’ll spend less time talking about differences in our assumptions, and more time building better solutions. b2c crypto Business-to-Customer Crypto (b2c) is used to secure the … Continue reading there are 3 kinds of crypto

on cooking turkey and solving problems

On Thursday, my wife and I hosted our 10th Thanksgiving. We both enjoy cooking and baking, though we remain clearly amateurs and tend to make it up as we go along. There was that one time we realized, the night before Thanksgiving, that a frozen 15-pound turkey requires 3 days to defrost in the fridge. I stayed up most of the night, soaking the bird in the bathtub. We’ve gotten better over time: she focuses on stuffing and cranberry sauce, me on turkey and dessert, and we collaborate on some kind of sweet potato dish. The stress almost always comes … Continue reading on cooking turkey and solving problems

Letter to President Obama on Surveillance and Freedom

Dear President Obama, My name is Ben Adida. I am 36, married, two kids, working in Silicon Valley as a software engineer with a strong background in security. I’ve worked on the security of voting systems and health systems, on web browsers and payment systems. I enthusiastically voted for you three times: in the 2008 primary and in both presidential elections. When I wrote about my support for your campaign five years ago, I said: In his campaign, Obama has proposed opening up to the public all bill debates and negotiations with lobbyists, via TV and the Internet. Why? Because … Continue reading Letter to President Obama on Surveillance and Freedom

security is hard, let’s improve the conversation

A few days ago, a number of folks were up in arms over the fact that you can see saved passwords in your Google Chrome settings. Separately, a few folks got really upset about how Firefox no longer provide a user interface for disabling JavaScript. These flare-ups make me sad, because the conversations are often deeply disrespectful, with a tone implying that there was obvious negligence or stupidity involved. There’s too little subtlety in the discussion, not enough respectful exchange. Security is hard. I don’t mean that you have to work really hard to do the right thing, I mean … Continue reading security is hard, let’s improve the conversation

benadida@square

In about a month, I’ll be starting at Square as a Tech Lead on a new project. I’m incredibly excited for a few key reasons: team: oodles of amazingly sharp people. The interview process was simply amazing, both in how much it forced me to demonstrate as an engineer and in how much I learned about the existing team. I know I’m going to learn a ton. It’s also really nice to see Square’s engineering team contributing significant open-source code. product: it’s hard to think of a more product-focused company. The Square products (Register, Wallet, Cash, Market) are amazing. The … Continue reading benadida@square

benadida@vacation

Today is my last day at Mozilla. It’s been an amazing ride, and I’m incredibly proud of the Identity Team and of the work we produced together, notably Persona. The team and project are now in the incredibly capable hands of my friend Lloyd Hilaiel. I expect to see continued fantastic work from this team, and I’ll miss everyone dearly. Mozilla is a special place, and I’m grateful I had the chance to experience it firsthand. I’ll be taking a break for a few weeks. You might see me on this blog and on Twitter from time to time, and … Continue reading benadida@vacation

no user is an island

US government agencies appear to be engaged in large-scale Internet surveillance, using secret court orders to force major Internet companies to provide assistance. The extent of this assistance is a topic of debate. What’s clear, though, is that the process itself is opaque: it’s impossible to know how broad or inappropriate the surveillance may be. OK, so what do we do about it? told you so, never shoulda trusted the Cloud Some folks see this as vindication: we never should have trusted the Cloud. Only trust yourself, generate your own keypairs, encrypt all traffic, host your own email, etc. Servers … Continue reading no user is an island

a hopeful note about PRISM

You know what? I’m feeling optimistic suddenly. Mere hours ago, all of us tech/policy geeks lost our marbles over PRISM. And in the last hour, we’ve got two of the most strongly worded surveillance rebuttals I’ve ever seen from major Internet Companies. Here’s Google’s CEO Larry Page: we provide user data to governments only in accordance with the law. Our legal team reviews each and every request, and frequently pushes back when requests are overly broad or don’t follow the correct process. Press reports that suggest that Google is providing open-ended access to our users’ data are false, period. Until … Continue reading a hopeful note about PRISM