Kevin Marks on the Last 10 Years and the Next 10 Years of the Web

Kevin Marks, author of the weblog Epeus Epigone, software engineer and principal engineer for Technorati. 11 February 2006 SourceDavid Sifry http://www.flickr.com/photos/dsifry/101236723/
Kevin Marks, author of the weblog Epeus Epigone, software engineer and principal engineer for Technorati.
11 February 2006
Source David Sifry

Kevin Marks compares and contrasts the Web as it was a decade ago, where it is right now, and where it possibly should be headed. He has some great observations about how cyclical the open and closed nature of the Web was and still is. He believes that we are in an era of silos, when it comes to the social web, and that with things like the indieweb movement the Web can once again be more open and distributed.

Here is his talk at LeWeb:

Here is an interview after his talk:

If you don’t know who Kevin Marks is here is a link to his wiki page. He’s worked at Apple, Google, Salesforce, and more. I sometimes hear him chime in on This Week in Google with Leo LaPorte, Gina Tripani, and Jeff Jarvis. This podcast is one of the best in terms of discussion about the Web and the cloud.

All Hail the Christmas Stick

Christmas StickThe Christmas Stick looks like we murdered a bunch of villagers and hanged them from  a tree to frighten off our enemies.

I know it’s getting cold when I can freeze dry my hair

image

I know it’s getting cold when I can freeze dry my hair

Learning to Code is not a Panacea

I’m all for people learning to write computer code and I’ve promoted it to my friends (with the severely limited reach I have) as well. However, the marketing push for kids and people to learn to write code are over simplifying and glamorizing something that, like anything else in life, takes talent and drive to be truly successful. I’m not negative on people learning to code but just want people to have the proper perspective on what learning to code means in a general sense.

Many people can write. I’m writing this blog post for instance. Many people can fix cars, play guitar, ice skate, observe celestial objects, and on and on and on. But, how many of us are paid to do any of the above? That’s the key here. The people that are really good at what they do most often get paid for that skill. Not everyone will be a Stephen King, Stevie Ray Vaughan, Michelle Kwan, or Neil deGrasse Tyson.

I learned to write code about 30 years ago using an Atari computer hooked up to my 13″ color television set. I learned MS BASIC and I created all kinds of rudimentary games and utilities. I was never great at it and I abhorred debugging the programs. I found the act of writing code to create software boring. But, this is not to say that I didn’t learn anything valuable from it. I learned a great deal about how computers work and a computer turned into a tool for me to use rather than a magic box that just did things. I reached an understanding.

Growing up in Chicago at that time there were no computer courses or clubs that I knew of and while I didn’t lose my interest in computers or technology I didn’t know of any way to expand on what I had already learned. So, I moved on. I kept up with what was happening in the world of computers by reading PC World and PC Magazine but never pursued more formal education in technology (a serious number of years wasted to youthful indiscretions didn’t help me either).

Jump forward to 1993 and I decided to go back to school and get my computer science degree. I took courses in algorithms, C++, logic gates, compression and error correction, and I passed them all with decent grades. But while taking them I realized that I still didn’t have real interest in writing computer code for a living. I loved understanding how everything worked but I found the actual work of coding to be drudgery. I obtained my computer science degree but never pursued a career in a technology field. I knew I just wasn’t good enough at writing code to create software for a living.

People like Bill Gates, Mark Zuckerberg, Larry Paige, Sergey Brin, and all the rest of the software engineers at Google, Facebook, Microsoft, Apple et al, are extremely talented at what they do and they have the drive and determination to push their ideas forward.

I guess the point I’m driving at is that, yes, everyone should learn to write computer code, but it is not enough to just learn to code and learning to code will not make you a computer genius. I view learning to code like I view learning to read, write, and simple mathematics. You need these basic tools to understand how the world works and computers are more a part of our lives than at any point in time in our history. Like with any profession or art form you must have talent and drive to be truly great.

Get started understanding computers at code.org

Tech Giants Press Governments on Surveillance

reformgovernmentsurveillanceLet’s here it for the tech giants. AOL, Apple, Facebook, Google, LinkedIn (not really a giant but what the heck), Microsoft, Twitter, and Yahoo! sent an open letter to President Obama and Congress pushing for reform of policies with regards to surveillance of individuals and access to private communications and information.

All good public initiatives would be incomplete without the launch of a web site. ReformGovernmentSurveillance.com has been given life and this is where you’ll find the 5 principles the tech giants believe are necessary to ensure individual rights are protected while government retains the tools it needs to keep citizens secure (I think we already have a document called the Constitution of the United States that covers these issues).

Below is the text of their open letter.

Dear Mr. President and Members of Congress,

We understand that governments have a duty to protect their citizens. But this summer’s revelations highlighted the urgent need to reform government surveillance practices worldwide. The balance in many countries has tipped too far in favor of the state and away from the rights of the individual — rights that are enshrined in our Constitution. This undermines the freedoms we all cherish. It’s time for a change.

For our part, we are focused on keeping users’ data secure — deploying the latest encryption technology to prevent unauthorized surveillance on our networks and by pushing back on government requests to ensure that they are legal and reasonable in scope.

We urge the US to take the lead and make reforms that ensure that government surveillance efforts are clearly restricted by law, proportionate to the risks, transparent and subject to independent oversight. To see the full set of principles we support, visit ReformGovernmentSurveillance.com

Sincerely,

AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter, Yahoo

Source: Ars Technica

Lincoln and his Gettysburg Address

Haycopy-1Today is the anniversary of one of the greatest speeches ever given by a United States President. President Abraham Lincoln’s Gettysburg Address is uniquely American in its sentiment and brevity. Few speeches before or since hold the true nature of what it means to be an American.

Four score and seven years ago our fathers brought forth on this continent a new nation, conceived in liberty, and dedicated to the proposition that all men are created equal.

Now we are engaged in a great civil war, testing whether that nation, or any nation so conceived and so dedicated, can long endure. We are met on a great battlefield of that war. We have come to dedicate a portion of that field, as a final resting place for those who here gave their lives that this nation might live. It is altogether fitting and proper that we should do this.

But, in a larger sense, we can not dedicate, we can not consecrate, we can not hallow this ground. The brave men, living and dead, who struggled here, have consecrated it, far above our poor power to add or detract. The world will little note, nor long remember what we say here, but it can never forget what they did here. It is for us the living, rather, to be dedicated here to the unfinished work which they who fought here have thus far so nobly advanced. It is rather for us to be here dedicated to the great task remaining before us—that from these honored dead we take increased devotion to that cause for which they gave the last full measure of devotion—that we here highly resolve that these dead shall not have died in vain—that this nation, under God, shall have a new birth of freedom—and that government of the people, by the people, for the people, shall not perish from the earth.

What was President Lincoln saying here? In more modern terms I believe he was saying that yes, people died here fighting to keep the United States united. But, even though so many died what we cannot do is treat this battlefield as a holy place. We cannot fall into the trap of dwelling upon the dead at the sacrifice of the living and the future of the nation. Instead we should honor those that died by renewing our commitment to liberty and keep this nation alive.

At the Battle of Gettysburg over 150,000 people fought for three days. This resulted in almost 8,000 dead and more than 38,000 wounded, captured, or missing. For a single event it was one of the greatest losses of American life in history.

I think it’s important to look at where we were, compare and contrast that with where we are, and ask the American question of are we more free? Are we still attempting to form a more perfect union? Are we still protecting our liberties for our posterity? Is this still a nation with a government that is of the people, by the people, and for the people?

Online Exhibit for President Lincoln’s Gettysburg Address

Wrapping My Head Around a SQRL

Welcom to SQRLSQRL, if adopted and implemented can change our entire relationship with web sites and how we use them. SQRL is simple, elegant, and uses current technology which should create a low barrier to entry for web sites to employ. This just might be the perfect solution to the problem of usernames and passwords.

Usernames and passwords came along before the Internet and long before they became necessary to access almost anything on the Web. In a perfect world we should all have different usernames and passwords (and long ones that contain numbers and special characters for that matter) for each and every thing that requires them because if we don’t and some nefarious person gained access to that information they would then have access to all the places where you use them.  But who has the memory capable of keeping unique usernames and passwords for everything? Just about no one. I was introduced to a solution that purports to get rid of usernames and passwords as we know them. It’s called SQRL (pronounced squirrel) and it stands for Secure Quick Reliable Login. I’ve read through the proposal of how this works. And, while I don’t have expertise in cryptography, I think I understand the basics and I’ll do my best to explain it as I understand it.

Unique Usernames and Passwords for Every Web Site

The SQRL system creates a unique username and password for each and every web site that employs this technology. To make it even more secure the user never needs to know their own username or password for the sites they visit. This means no longer would a person have to worry about their Facebook or Twitter account being compromised and then have to worry about all the other sites where they used the same username and password combination. It sounds like magic.

Creating a Master Key

In order for SQRL to work a person has to download an app to their phone or computer (SQRL app) and choose a master password. This password is the only one you’ll ever need and it should be a good strong unique password for this system to be effective. This password will be run through what’s called a hash function which produces what seems to be a bunch of random characters. This bunch of seemingly random characters will be called your Master Key.

Logging into a Web Site

When a person goes to a web site that uses SQRL the site will present a QR code and/or link to a web site address. Here’s an example of what you might see on a web page:

Example SQRL QR CodeClick Here

You scan this QR code with your smartphone using the SQRL app and the app will communicate with the web site separately and you would be logged in. No usernames or passwords are ever typed into any form fields. The same login method can be accomplished, if you’re at home or using a trusted computer, by installing an app or browser extension that performs the same task by clicking on the link.

How is this Done?

This QR code is just a graphical representation of the text of a link. Here’s the actual link that created the QR code above, https://www.example.com/sqrl?7b514d3f1d60e848d0b9cc024b9af0c98a92c60c04849771282a322e765f665a. If you scan the QR code with a bar code scanner app on your smart phone this is what you’ll see.

The random set of characters you see after the question mark in the link is a random number that the web site will create and this number would be unique each time anyone visits that login page.

The SQRL app will take the web site address (www.example.com), combine it with your Master Key, and run them both through a hash function to create two new keys. One that is public and one that is private. The public key ends up being your user ID and the private key temporarily stays in your SQRL app.  The string of characters below is an example of what might pass as username.

a61dc96734eff25c01b332d3c0e3354270d2829533a2607321112bee5922d8ee

The great thing about hashing is that no one can take the number above and go backwards to find your Master Key. But, you can take the web site address, combine it with your Master Key, run them through a hash the same way and produce the same string of characters every time. So it’s a one way street.

In the SQRL app the string of random characters that was provided at the end of the web site’s address gets encrypted by the private key (digitally signed). This digitally signed string of data is essentially your password and it gets passed to the web site where the only thing that can decrypt it is the public key (user ID). The web site decrypts the “password” and if it returns the same exact string of random numbers then the site knows you are who you say you are.

In essence you will create a different password every time you log in to any web site because the random string of characters that the web site generates is different every time the page is refreshed. So even if someone gets a hold of your new super long user ID they cannot compromise your account unless they have the private key. The private key is not stored in your SQRL app because it can be generated every time you visit a site.

I’m sure there are many things that I don’t have exactly correct because, as I said, I’m not an expert by any means in cryptography or Internet security. But I’m pretty sure I have the basics down. SQRL is incredibly secure because users won’t know their own user IDs and passwords to any web site. User IDs are long and seemingly random. Passwords are generated on the fly and can only be created with the use of the SQRL app and the Master Key. The SQRL app can only be accessed by the user’s master password.

If there are weaknesses it’s in the user’s master password and getting web sites to implement SQRL. A person can use anything they want for their master password so their identity can be as secure or insecure as that single master password. Web sites may not want to implement SQRL because it gives the user ultimate control over their information. With SQRL a user can be as anonymous as they want because the web site doesn’t need to know anything about them personally in order to authenticate. Web sites can still require a user to set up an account that is associated with their new superlong user ID and that’s fine for sites like Amazon or other e-commerce sites. But for sites like Google, Facebook, or any social networking site SQRL can allow a user to have an account but still remain totally anonymous.

There are way more details to this than I’m able to describe and if you’re interested you can follow the links below.

This link is to the creator of SQRL: https://www.grc.com/sqrl/sqrl.htm

Here’s a simplified explanation: http://www.sqrl.pl/

A good write up by TechRepublic: http://www.techrepublic.com/blog/it-security/sqrl-a-new-method-of-authentication-with-qr-codes/

An explanation of digital signatures: http://www.youdzone.com/signature.html

Venue 8 Pro Review

image

I received my Dell Venue 8 Pro on Friday and my impressions over the last couple of days is this is the type of device for which Windows 8 was made.

To start, the form factor is near perfect. 8 inches is still a little too large for my taste as I’ve really grown accustomed to my Nexus 7. But this machine is definitely portable. It feels lighter in the hand than you might think and the textured backside makes this more comfortable to hold than my Nexus 7. The Nexus 7 has a slippery greasy sort of feel to it so the Venue 8 Pro, even though its slightly larger and slightly heavier, is more comfortable to hold over a long period of time.

Windows 8 really shines on the Venue 8 Pro. It runs smooth with no lag. This is amazing when you consider that this is running a full version of Windows that can run REAL web browsers and REAL applications. For reasons I have yet to discover Google’s Chrome browser runs better here than on my Surface Pro. For example, on my Surface Pro in desktop mode, there is an odd anomaly where Chrome doesn’t maintain a maximized window when switching from portrait to landscape mode. It’s an odd behavior that isn’t present on the Venue 8 Pro. On this device I’m running Office 2013 without a hitch and I’m also running QuickBooks. All the software I need runs on this tablet.

I’ve heard reviewers mention problems with the screen. Personally I’m not finding any problem with the preset auto display brightness. The device seems to adjust brightness for me just fine. Auto brightness is enabled by default no doubt in order to extend battery life. Battery life has been excellent so far. In normal use for me the battery is lasting me all day where I was at best getting 5 hours from my Surface Pro.

Are there negatives? Sure. But what device doesn’t have them? Here’s a short list of what I’ve noticed so far.

    • McAfee comes pre-installed. Anti-virus and malware protection are embedded into Windows 8 and is unnecessary. It’s annoying to have to uninstall something that shouldn’t be there in the first place.
    • Gets a little warm on the lower half of the right side. But with a couple hours of normal use I don’t find that it gets too warm. I mention it because I notice it where on the Nexus 7 I haven’t.
    • I would like an on-screen Windows Start button. To get to the start menu there is a button on the top of the device where you would normally find a sleep/wake/power button. That button is located on the side. At the start of using this device I would wake it by pressing the button on top and then try to put it to sleep with the same button. I’ve conditioned myself to simply use the button on the side and ignore the button on the top. It’s not a necessary button when I can more easily swipe in from the side to get to the Windows button to return to the Start menu.
    • I didn’t realize it came with Office 2013 for free so I burned my Office 365 subscription that I was saving for other devices.
    • Won’t charge through a USB hub. At least the ones I’ve tried. But it dies charge through USB and that is a huge convenience because I won’t have to carry an extra charging brick.
    • Lack of a hardware keyboard although Dell’s web site says a keyboard cover us coming soon. It’s not something I would use that often but I do know that I’ll want one when using it while traveling.
    • Lack of a dongle or short extension cord that would allow me to easily connect a full size USB device. I’m sure something like this exists and I’ll be searching. If I can connect a USB flash drive it will make installing software much easier. Some things still come on a CD or DVD and I usually copy those install disks to a flash drive because my last several laptops lacked optical drives.
    • There will be no docking station as with the larger Venue 11. It would be nice to dock this to a full size screen, keyboard and mouse for those times when sitting at a desk. This is a REAL computer after all and can take the place of a desktop for general use.image

 

Now if Microsoft would just get rid of the traditional desktop and make the metro style desktop the default interface Windows would have a much better experience. My other request after using Windows 8 since February is I would like the ability to dynamically resize the split screen panels when running multiple programs. The pre-defined sizes do not necessarily fit my everyday needs.

After using the Surface I’m so much happier with this device. It’s almost exactly what I’ve envisioned for tablet computing since I bought a Compaq T1000 more than a decade ago. If you are considering a Nexus 7 or iPad Mini you have to consider the Dell Venue 8 Pro. It’s a tablet with that works like a real computer and not at all dumbed down. I haven’t been this enamored with a device in a long ling time.

p.s. This review was entirely written on the Venue 8 Pro.

Obama Administration to Blame for Government Shutdown Silliness

The government shutdown is all over the news and the silliness of what is happening should not be lost on the American people.

There are many that blame the Republican party for playing politics with “Obamacare” and trying to leverage keeping the government open with defunding “Obamacare”. There are many that blame the Democrats for not agreeing for a short term solution that would fund the government while working out some kinks in the implementation of “Obamacare”. To be sure, there is blame to go around to both political parties.

But, in my opinion, only President Obama can be blamed for some of the silliness that is happening regarding the “shutdown” of certain public memorials, parks, and web sites. These places are by their very nature OPEN. There are no walls surrounding them and anyone at any time can utilize them whenever they feel like it.

WWII MemorialLet’s start with public memorials. Yesterday a group of WWII veterans was blocked from going to the WWII memorial. The group scheduled their trip in advance and only when it was learned that the park police were barricading the memorial did a member of Congress try to step in to allow them to visit. They were denied. But, the WWII generation being what they are, they moved the barriers aside and visited the memorial anyway. Keep in mind that there NORMALLY ARE NO BARRIERS erected around the WWII memorial. It’s open. Normally, 24 hours a day 7 days a week you can just walk on up. The park police had to waste equipment and man hours to block off something that requires nothing to enter. Take a look for yourself.

national park service

The National Park Service has closed off places like the Grand Canyon so people who have planned their trip sometimes a year or more in advance get turned away. Can you imagine closing off something as big as the Grand Canyon. Hell, it has “GRAND” in the name! The government can leave it open as nature intended and let the public enter at their own risk. To make things even more ludicrous, the park service even shutdown a park that receives NO FEDERAL FUNDING. The government spent money to close off a park where they don’t pay anyone to monitor or maintain.

US CensusHow about government web sites? These things are hobbled as well. I needed to fill out a census survey that I am mandated to complete prior to October 29, 2013. I went to the site and was greeted to this (a picture is provided in case the site is brought back up). I certainly hope the general public is not duped into believing that shutting down web sites saves the government one single penny. Remember now, the web site is up and running. You aren’t greeted with a message of “web page not found” (commonly called a 404 error) but instead are greeted with a message letting you know that you are blocked from doing the things you need to do. The servers that run the web site are still operating. They have to be in order to server the page with the stupid government shutdown message. Again, time and money was spent to have someone go to each of these sites and redirect browsers to these messages and block users from using the sites. I MIGHT understand if the government turned off the servers. But then they might get angry phone calls.

p092713ps-0542President Obama and those within his administration had to give the marching orders for the park police, the park service, and the system administrators to spend money to block or close off things that are normally wide open to the public. The American people, Democrat, Republican, Libertarian, Communist, Socialist, or whatever political persuasion should be royally pissed off that the American people are denied access to their public spaces. President Obama’s actions in this case are silly and childish. Seemingly in order to dupe the American people into blaming his political opponents.

Of iPhones, Gladiators, and Frogs

More proof that we are done as a great nation.

The video is only six minutes long so watch the entire thing. At first it’s fun to laugh at the idiots waiting in line for literally weeks. But then you get to the 4:35 mark. If you have any individuality at all you feel a bit ashamed that this is happening. How are has our American culture become so empty where segments of us will debase themselves in such a way just for a trinket.

Crowds of people cheering a person for buying a phone. Meanwhile, our private property rights are slowly being eroded, the police are increasingly becoming militarized, the government is trying to define a journalist so they can erode the 1st Amendment, the government is making a hard press to erode the 2nd Amendment’s protection of the right to bear arms, and the government is sweeping up and retaining private information on individuals who are not suspected of any crime. This list can go on and on.

Things like the iPhone, amongst other distractions (think professional sports), are the modern day gladiator arenas. Give the citizens their distractions so they don’t pay attention to what the political and big corporate classes are doing. We are the frogs in the pot and the water is getting pretty hot.