Benlog

Thoughts on Technology & People

  • ITdotHealth – a new forum for Health IT discussion and a workshop next week

    Next week, I’ll be in Boston for 2 days for a workshop we’re putting together at Harvard Medical School on Health IT Platforms. We’ll be using this workshop to launch a new hub for discussion and debate around the design of a modular health IT infrastructure. Check out the new site ITdotHealth, the welcome message,…

  • Takoma Park 2009: the voter experience

    For background on this post, check out the Auditing Takoma Park 2009 Election. I’m gathering all documentation on a Google Site. This blog will continue to serve as the narrative, while the datasets and documentation will live on the Google Site, and I’ll refer to them as needed from this blog. Let’s begin with an…

  • One real issue behind the Mint.com sale to Intuit: who owns the data?

    A few days ago, mint.com, a fantastic online personal finance tool, was sold to Intuit. A number of users are disappointed, and some are downright pissed, claiming the “next generation bends over.” Well, first of all, that’s ridiculous, a company sells when it wants to sell, and there are may ways to change the world,…

  • A Partial Report from Social Network Security 2009 @ Stanford

    On Friday, I attended Social Network Security 2009 at Stanford. This was a fantastic get-together, with some very interesting info from Facebook, Google, Yahoo, Loopt, and the research front. I have some notes, mostly from the first half of the day, at which point my laptop battery ran out. Time to upgrade to the 7-hour…

  • The evolution of OpenID: you’re not a URL after all

    The US government has just announced a pilot program to integrate OpenID (and Information Cards) into public government web sites. This is very interesting news, as it will likely catalyze even greater OpenID deployment and use. [I’ve poo-poo’ed OpenID here and here, because of phishing and privacy concerns. I’m still very worried. I’ve suggested ways…

  • Auditing the Takoma Park Election

    In November of this year, citizens of Takoma Park, Maryland will use the Scantegrity voting system in their municipal election. This is a significant milestone for open-audit voting systems: the first time a government official is elected using a voting system that is verifiable from start to finish by any observer, even resistant to insider…

  • What about the less obvious errors?

    The New Scientist points out a case of genotyping error by one of the consumer genomics companies, where a software bug caused a genotype to appear non-human. The article attempts to be reassuring: Before other deCODEme customers get too irate about errors in data for which they have paid almost $1000, the bug affects only…

  • Real-world usage sometimes includes things you don’t like

    When people criticize RDFa without much experience really working with it, I tend to ignore the comments, because they’re usually out to prove some subjective point about what they think the Web should be like (“prefixes are ugly!” “Yahoo’s RDFa support was broken once so clearly RDFa sucks!”…). But when Jeni writes about RDFa, given…

  • Schneier on self-enforcing protocols and voting

    Bruce Schneier pens another great article on how certain protocols between people who do not trust one another can be set up to prevent cheating without third-party oversight. Of course, the gem of the article pertains to voting: Modern voting systems are rife with the potential for cheating, but an open show of hands in…

  • Quick Thoughts from EVT Day #2

    I gave an invited talk on crypto voting. Ran out of time, as usual. I need to find a way to describe this stuff more efficiently. Later, I also presented MarkPledge2, joint work with Andy Neff. Olivier de Marneffe presented the UCL/Helios implementation. So much material to present there, he did a fantastic job of…

  • EVT/WOTE 2009, Day 1, Afternoon

    I had to miss the first afternoon session of EVT/WOTE to attend WOOT (Workshop on Offensive Technologies) where Adam was presenting a paper Collin and I co-authored on hijacking bookmarklets (I wrote about this work a few months ago). Sadly, I missed what I hear were two great talks. Oh well, hopefully they’ll be on…

  • EVT/WOTE 2009, Day 1, Morning

    I’m at the Electronic Voting Technology / Workshop on Trustworthy Elections get-together (in Montreal). A few thoughts about the day and talks. Keynote Larry Norden from the Brennan Center is proposing a few ideas about what the voting community should focus on. Voting machine security, including forensics. Thinks statistical analyses to detect fraud is going…

  • HealthEngage leaking email addresses?

    For more than 10 years now, I’ve used custom email addresses when I log in to a web site I don’t fully trust, e.g. ben-SITENAME at adida.net. Until recently, the only time I’ve actually been able to trace emails to their source is when I saw how Democrats reused some of their mailing lists during…

  • Creative Commons and the Associated Press

    Some thoughts about the recent Associated Press / Creative Commons story: When Creative Commons launched in 2002, we were often asked “is Creative Commons a form of DRM?” Our answer: no, we help publishers express their rights, but we don’t dabble in enforcement, because enforcement technologies are unable to respect important, complex, and often subjective…

  • The erosion of our expectation of autonomy, and the Kindle Pledge

    As much as DRM bothers me, I’ve tolerated some implementations of it, specifically Apple iTunes, Apple’s iPhone App Store, and the Amazon Kindle, because I’ve gotten more value than pain out of them. And, usually, the DRM didn’t get in the way. But the slippery slope of DRM has reached a dangerous point with the…

  • Multi-Factor, maybe, but is it really harder to phish?

    MIT Tech Review asked me for a general comment on web authentication for their article covering new technology by Delfigo. There wasn’t enough time to look in depth at Delfigo’s technology, so my comments were about multi-factor authentication in general, and whether the additional factors are easily phishable. In other words, it’s interesting if authentication…

  • Quis custodiet Hawk-Eye?

    This past Sunday, I watched the awesome Wimbledon Finals, and I couldn’t help but notice the number of times that Hawk-Eye, the computerized “line-calling” system, overruled the human judges, even the Umpire regarding one particularly important point. The sports commentators repeatedly alluded to “trouble” with the Hawk-Eye system, so today I looked it up. Sure…

  • Engaging Data going, going….

    The Engaging Data Conference at MIT, which brings together a number of interesting folks around the management of personal electronic data, is happening in October. The deadline for papers is this week, so submit a paper now if you’ve got some good ideas to share.

  • Pot, Kettle, meet Zuckerberg

    Facebook is an impressive company, they’ve done and continue to do some very amazing things. And I admit I certainly didn’t see them coming 4 years ago. But okay, come on: “No one wants to live in a surveillance society,” Zuckerberg adds, “which, if you take that to its extreme, could be where Google is…

  • Open Licensing in Health IT

    John Halamka, renowned CIO of the Beth Israel Deaconess Medical Center (BIDMC), is a blogger, and he just added a Creative Commons license after making the following remarks: I want my blog to be used for education, training, and research. I hope that its contents appear in derivative works such as other blogs, websites, and…

  • Loosely Coupled Health IT

    My research group, Children’s Hospital Informatics Program, just released a statement of principles in designing the next generation of Health IT, and folks are picking it up. The key concept is substitutability, or what software/Internet architects have called loose coupling. The idea is to build modular rather than monolithic systems, and ensure that the modules…

  • Distributed Data Stores: the birth of a new layer in the stack

    I learned web programming in 1995, when a SQL database for storing your data was the obvious choice, but the options were still few, expensive, and slow. Since then, the SQL database has become ubiquitous, and the options are many, including at least two very solid free/open-source solutions. But when it comes to large datasets,…

  • Empowering the Patient vs. Enabling an Artificial Monopoly

    Health Information Technology is moving along fairly quickly, with the stimulus money and the rise of Personally Controlled Health Records (Indivo/Dossia, Google Health, Microsoft HealthVault). I’m quite optimistic about the future of health data: there is a growing effort to free the data in order to empower patients. And then there are some really boneheaded…

  • Shieber on Open Access

    Stuart Shieber, the architect of Harvard’s Open Access policy and a colleague at Harvard’s Center for Research on Computation and Society, has started a new blog on open-access academic publishing. Worth keeping an eye on if you want to understand the politics, mechanics, and economics of the issue.

  • More on Google Wave Trust Model

    I wrote briefly about Google Wave, and Ben Laurie points out that my statement on the Google Wave trust model is misleading. He’s right. I said that the Google Wave trust model is the same as email (and thus I think Google Wave will succeed). What my words unfortunately and misleadingly implied is that it’s…

  • Google Wave – thoughts

    First impressions / predictions on Google Wave, Google’s new communication idea/product/protocol/service: because it’s open-source, federated, and follows the same trust patterns as email, it will be successful whatever authentication protocol Google Wave uses will be a significant (if not a crushing) player in the web authentication space, and that’s not a bad thing because it…

  • Engaging Data Forum @ MIT in October

    I’m on the Program Committee for a new conference being held at MIT in the Fall, the Engaging Data Forum. A number of fascinating topics around the issues of managing personal electronic information. Of course I’m focused on the security, privacy, and interoperability aspects, but there’s more, including geolocation, collection from portable devices, etc… Send…

  • Creative Commons Tech Summit, June 26th

    Creative Commons is holding its third technology summit on June 26th. The previous two have been lots of fun, very productive, with a unique mix of policy-oriented tech folks. Plus, it’s in Italy! How can you go wrong?

  • Back from Israel – talks and press

    Just got back from a trip to Israel, mostly vacation but a couple of very fun days at the Electronic Voting Workshop organized by IDC Herzliya and Tel Aviv University. A great group of folks, some very lively discussion, and a very productive workshop in Israel before they deploy electronic voting machines (imagine that, debating…

  • Incremental Benefit and Bursts of Innovation

    Ian Davis, of eRDF fame and a great guy all around, writes about Google’s recent RDFa announcement: At first this announcement seemed like a big deal – Google supporting the web of data in a big way, a real push into the world of open structured data. However, a closer look reveals that Google have…