Thoughts on Technology & People

  • “It’s a tradeoff” and other uni-dimensional thinking

    Many folks, like John Gruber, are responding to criticisms of the iPad’s closed ecosystem with the “it’s a tradeoff” idea: to have such a great computer, you need to lock it down. Some use the argument that Linux has never conquered the desktop, so there, open is incompatible with good usability (I’m looking at you…

  • The Accidental Tinkerer, Unexpected Lock-in, and Fatherhood

    Ben Fry recently explained his concerns about the iPad: I want to build software for this thing. I’m really excited about the idea of a touch-screen computing platform that’s available for general use from a known brand who has successfully marketed unfamiliar devices to a wide audience. [..] It represents an incredible opportunity, but I…

  • The Great Content Lockdown of 2010

    I had an invigorating and thought-provoking chat with my good friend Oliver Roup today. We agreed that the Apple iPad is going to be an unbelievable success. I’ve thought from day one that it would be huge, but I think it will be bigger than huge. Before the end of the summer, millions of people…

  • Protecting against web history sniffing attacks: an alternative

    When a web site links to another web site, the link appears in a different color, usually a lighter shade of blue, if you’ve already visited the site. Unfortunately, this means that a malicious web site can learn what sites you visit by putting up a few links and checking to see how your browser…

  • What the Oscars teach us about voting

    This year, the voting process for the Oscars has changed. Rather than indicating a single choice as they have done since 1946, members of the Academy will provide a first choice, a second choice, etc., potentially ranking all 10 nominees for Best Picture if so desired. Some are speculating that this will affect the results.…

  • For deniability, faking data even the owner can’t prove is fake

    I was speaking with a colleague yesterday about Loopt, the location-based social network, the rise of location-based services and the incredible privacy challenges they present. I heard the Loopt folks give a talk a few months ago, and I was generally impressed with the measures they’re taking to protect their users’ data. I particularly enjoyed…

  • Taxing Human Transactions – Part 1

    The worst part of my job is dealing with the mess of document formats and coding systems in healthcare. The acronym soup is insane: HL7, CCD, CCR, CDA, Green CDA (which I just heard about from John Halamka’s blog but… no link!), and that’s just the document formats. Then there are coding systems like LOINC,…

  • Buzz Kill

    Everyone is talking about the privacy disaster that was the Google Buzz launch, and oh my goodness it was. I’ve never been so thankful that I don’t use gmail. I’m frankly surprised that they didn’t do a smaller beta first, or that there isn’t a group at Google charged with thinking about the privacy implications…

  • I was wrong about the iPad

    So I made a couple of predictions about the iPad, Apple’s tablet, and I realize in retrospect that, while I got some of the details right, I got the gist completely wrong. I thought it was going to be a special-purpose device. And most commentators are saying just that. But I was wrong and they…

  • Sometimes it’s not counter-intuitive

    Bruce Schneier writes that it’s reasonable for unmanned drones to broadcast unencrypted video streams, because the video stream is not that useful to enemies, and given that many people need access to the video feed, the key distribution problem would be very difficult to manage, and some allies could be severely handicapped if they happened…

  • a prediction regarding the Apple “Tablet”

    Why a prediction? Eh, cause it’s fun and cause I think the Apple Tablet will have a large impact on consumer computing. I think Apple will launch a tablet computer in January that will be aimed at saving TV and print journalism. On-demand video and on-demand print magazines and newspapers will be at the forefront.…

  • Takoma Park 2009: the conclusion

    Well, it’s been a few weeks of craziness at home and catching up on other work, but I’ve finally wrapped up the Takoma Park 2009 audit. The final step: letting you, dear reader, run the audit all on your own. You’ll find the complete instructions here on the auditing site. I haven’t tested this on…

  • It’s a WRAP followup: maybe the goal was client-side certs?

    I’m having some interesting offline followup discussions with folks about oAuth WRAP and my relatively negative reaction to it. One of the comments seems to be that SSL will recreate exactly the security that HMAC signatures were trying to achieve, and it was really hard for developers to do oAuth right in the first place.…

  • It’s a WRAP

    I’m just finding out about oAuth WRAP, a new, simplified version of oAuth which some are calling the “valet key” approach to web data sharing: don’t give your Facebook password to a random web app, instead use oAuth to mint them a valet key that lets the app access only some specific portions of your…

  • Facebook account hacked

    So this evening my Facebook account was hacked and spam messages were posted to a few dozen friends on my behalf. Thankfully, since I’m friends with a number of security-savvy folks, I was notified almost instantly. Now I’ve never cared too much about my Facebook account, so I used one of my weak passwords. I’m…

  • Takoma Park: verifying the shuffle and the unopened ballots

    So the votes have been cast, the uncertified tally has been released, and the confirmation codes have been published for all voters to check. Now, it’s time to make sure that the coded votes, which were shuffled via the Shuffle Tables into the decoded votes in the Results table, were indeed shuffled and decoded correctly.…

  • The first good mainstream article on vaccines in a while

    I meant to mention this a while ago, but I keep forgetting. Amy Wallace at Wired wrote a fantastic piece on how irrational fears of vaccination are putting us all at risk. The feedback to Ms. Wallace has been enormous, and although tilted towards the positive, the negative feedback from the anti-vaccination crowd is insulting,…

  • Takoma Park: auditing the auditor

    Rick Carback from the Scantegrity team just pointed out to me that my totals are not quite the same as theirs, and he surmises that I may have read the Instant Runoff rules incorrectly. Specifically, my code considers that ballots that skip a rank, i.e. that go directly to choice #2 and never indicate a…

  • Takoma Park: and those provisional ballots?

    Coverage of the Takoma Park election continues, with a good article in Wired. And so does the audit! Some people who showed up on election day couldn’t be verified as registered voters. Thanks to one of the useful HAVA provisions, they got to vote provisionally, meaning their ballot was set aside in an envelope labeled…

  • Takoma Park: so can I see my confirmation code already?

    [This post is part of my Auditing the Takoma Park Municipal Election series.] So the votes have been cast, and voters went home. Some of them wrote down their confirmation codes. They probably checked those codes against the official Scantegrity web site. But why would they trust that web site to do all of the…

  • Takoma Park: Meeting 2

    [This post is part of my Auditing the Takoma Park Municipal Election series.] OK, so a couple of days ago we verified the initial P table and D tables for all 6 wards in tomorrow’s Takoma Park election. Now comes Meeting 2, which was held a couple of weeks ago to open up a random…

  • Takoma Park Election: the 7 steps of auditing

    [This post is part of my Auditing the Takoma Park Municipal Election series.] If you’ve been following, we know what the voter experience is going to be like on Tuesday, and we know what the auditing process is going to be like. So, can we audit this thing already? Yes, we can. Here are the…

  • Source Code and Voting: what’s really on that machine?

    Let’s say someone’s trying to sell you a house. It’s a beautiful house. You visit it. You have it inspected and re-inspected, and it’s perfect. You get a loan approved, and you’re about to sign the papers when you’re told: wait, actually, that house is no longer available, but why don’t you just sign here…

  • Takoma Park 2009: Verifying the Tally from the Confirmation Codes

    [This post is part of my Auditing the Takoma Park Municipal Election series.] We’ll now consider the auditing portion of the Takoma Park election. This is a little bit involved, so we’ll take our time. Importantly, the typical voter does not need to burden themselves with this complexity. All that Valerie, our voter, needs to…

  • Apple fanboy delusions, the Palm Pre is looking mighty tasty

    On many issues, I’m an Apple fanboy. On the issue of the iPhone, less and less. Here’s the short version of the story: Apple produces iTunes, which manages all of your music and videos, and syncs them to your iPod/iPhone. Very cool software, magnificently built, great experience overall. I’ve been using this setup for 6+…

  • Stefano thinks I’m a purist…

    Stefano Mazzocchi is awesome and his thinking on Web-based data is incredibly nuanced and pragmatic, so it’s not often that I want to publicly disagree with him. But in his latest post, I think he’s off the mark. Stefano argues: The difference between RDFa and Microdata (syntactic differences aside) is basically the fact that the…

  • ITdotHealth – a new forum for Health IT discussion and a workshop next week

    Next week, I’ll be in Boston for 2 days for a workshop we’re putting together at Harvard Medical School on Health IT Platforms. We’ll be using this workshop to launch a new hub for discussion and debate around the design of a modular health IT infrastructure. Check out the new site ITdotHealth, the welcome message,…

  • Takoma Park 2009: the voter experience

    For background on this post, check out the Auditing Takoma Park 2009 Election. I’m gathering all documentation on a Google Site. This blog will continue to serve as the narrative, while the datasets and documentation will live on the Google Site, and I’ll refer to them as needed from this blog. Let’s begin with an…

  • One real issue behind the Mint.com sale to Intuit: who owns the data?

    A few days ago, mint.com, a fantastic online personal finance tool, was sold to Intuit. A number of users are disappointed, and some are downright pissed, claiming the “next generation bends over.” Well, first of all, that’s ridiculous, a company sells when it wants to sell, and there are many ways to change the world,…

  • A Partial Report from Social Network Security 2009 @ Stanford

    On Friday, I attended Social Network Security 2009 at Stanford. This was a fantastic get-together, with some very interesting info from Facebook, Google, Yahoo, Loopt, and the research front. I have some notes, mostly from the first half of the day, at which point my laptop battery ran out. Time to upgrade to the 7-hour…