no user is an island

US government agencies appear to be engaged in large-scale Internet surveillance, using secret court orders to force major Internet companies to provide assistance. The extent of this assistance is a topic of debate. What’s clear, though, is that the process itself is opaque: it’s impossible to know how broad or inappropriate the surveillance may be. OK, so what do we do about it? told you so, never shoulda trusted the Cloud Some folks see this as vindication: we never should have trusted the Cloud. Only trust yourself, generate your own keypairs, encrypt all traffic, host your own email, etc. Servers … Continue reading no user is an island

a hopeful note about PRISM

You know what? I’m feeling optimistic suddenly. Mere hours ago, all of us tech/policy geeks lost our marbles over PRISM. And in the last hour, we’ve got two of the most strongly worded surveillance rebuttals I’ve ever seen from major Internet Companies. Here’s Google’s CEO Larry Page: we provide user data to governments only in accordance with the law. Our legal team reviews each and every request, and frequently pushes back when requests are overly broad or don’t follow the correct process. Press reports that suggest that Google is providing open-ended access to our users’ data are false, period. Until … Continue reading a hopeful note about PRISM

what happens when we forget who should own the data: PRISM

Heard about PRISM? Supposedly, the NSA has direct access to servers at major Internet companies. This has happened before, e.g. when Sprint provided law enforcement a simple data portal they could use at any time. They used it 8 million times in a year. That said, the scale of this new claim is a bit staggering. If the NSA has access to these 9 companies’ data, it has access to every American Citizen’s complete life. what’s really happening? I think we don’t know yet what’s happening. I’m dubious that NSA has direct access to servers at Google, Facebook, Apple, etc. … Continue reading what happens when we forget who should own the data: PRISM

getting web sites to adopt a new identity system

My team at Mozilla works on Persona, an easy and secure web login solution. Persona delivers to web sites and apps just the right information for a meaningful login: an email address of the user’s choice. Persona is one of Mozilla’s first forays “up the stack” into web services. Typically, at Mozilla, we improve the Web by way of Firefox, our major lever with hundreds of millions of users. Take asm.js, Firefox’s new awesome JavaScript optimization technology which lets you run 60-frame-per-seconds games in your web browser. It’s such a great thing that Chrome is fast-following. Of course, Chrome also … Continue reading getting web sites to adopt a new identity system

Identity Systems: white labeling is a no-go

There’s a new blog post with some criticism of Mozilla Persona, the easy and secure web login solution that my team works on. The great thing about working in the open at Mozilla is that we get this kind of criticism openly, and we respond to it openly, too. The author’s central complaint is that the Persona brand is visible to the user: It [Persona] needs white-labeling. I know that branding drives adoption, but showing the Persona name on the login box at all is too much; it needs to be transparent for the user. Most of the visits to … Continue reading Identity Systems: white labeling is a no-go

so what if torture works?

I’ve seen most of Zero Dark Thirty, the movie that claims to tell the story of the search for and killing of Bin Laden. It’s a pretty gruesome film, with clear implications that torture led to information that led us to Bin Laden. There are fierce debates about whether that fact – that torture led us to Bin Laden – is true or not. Almost every time torture is discussed, the discussion quickly shifts to one side saying “see, it’s effective!” and the other saying “it doesn’t even work!” Here’s a simple question I don’t hear asked all that often: … Continue reading so what if torture works?

Firefox is the unlocked browser

Anil Dash is a man after my own heart in his latest post, The Case for User Agent Extremism. Please go read this awesome post: One of my favorite aspects of the infrastructure of the web is that the way we refer to web browsers in a technical context: User Agents. Divorced from its geeky context, the simple phrase seems to be laden with social, even political, implications. The idea captured in the phrase “user agent” is a powerful one, that this software we run on our computers or our phones acts with agency on behalf of us as users, … Continue reading Firefox is the unlocked browser

the Web is the Platform, and the User is the User

Mid-2007, I wrote two blog posts — get over it, the web is the platform and the web is the platform [part 2] that turned out to be quite right on one front, and so incredibly wrong on another. Let’s start with where I was right: Apps will be written using HTML and JavaScript. […] The Web is the Platform. The Web is the Platform. It’s going to start to sink in fast. […] Imagine if there’s a way to have your web application say: “please go pick a contact from your address book, then post that contact’s information back … Continue reading the Web is the Platform, and the User is the User

Aaron

I heard about Aaron Swartz in 2000, when he won the ArsDigita prize. I met him for the first time in early summer 2002, when my little open-source webdev company, OpenForce, joined the Creative Commons team to build the CC web site. That’s also when I met Matt Haughey, whose words helped trigger a bunch of memories in me about Aaron. Most hackers inevitably meet a younger, better, smarter version of themselves. For me, it happened probably earlier than for most, and it was the day I met Aaron. I was 25, an MIT graduate with a near-perfect GPA, leading … Continue reading Aaron

The Onus is on Scientists – Shame on the AAAS

The American Association for the Advancement of Science (AAAS) has just come out against California’s Proposition 37, which would mandate the labeling of genetically-modified foods. In my opinion, the AAAS has failed its duty as promoters of Good Science. The question is not whether genetically-modified foods are safe. I see the benefits, and I see the downsides (especially as a security guy, since food safety testing is, in my opinion, very poorly done), and the debate will rage on for a long time. But whether genetically-modified foods are safe is not the issue. The issue is whether consumers have a … Continue reading The Onus is on Scientists – Shame on the AAAS