Privacy, Government, and Business

This week there were two big moments for privacy. First, was a ruling by a court that Apple had to unlock in some manner, call it decrypt or creating a backdoor into this specific phone. Second, was the fact that Apple, and now Google, has given the state a big middle finger saying “No!” These are important because of the gravity of both of these. The FBI is using “The All Writs Act” something from the 18th century and definitely not written to support dealing with difficult technological issues on technology that would appear to be magic to the author’s of the act. This is definitely stretching this law to its limits and likely beyond what is realistic, but it sets a precedence which is dangerous. The second part is important as both of these companies have been working with the government to provide data to them in the past.

While both of these companies are standing up to the government is great, it’s not enough. With a limited number of powerful players, it’s only a matter of time before they lose to the government or be threatened in some way that will require them to play ball with the government. On the other hand, smaller companies won’t have the money to fight the government, so even if you want to support a smaller company with privacy as its core values, there is no guarantee that they will be able to follow through. Furthermore, if the government forces the company to re-write its operating system, like Apple effectively has to do, the company might go bankrupt. With a precedence set by the Apple decision, a small phone company like Silent Circle and their Blackphone, would be forced to capitulate unless they were able to show that this was unduly burdensome.

The other issues with this case is that businesses are only fighting for what is “right” here because it will help them improve their bottom line. Of course, they are also fighting for their own personal privacy as an employee of the company and consumer of its products, but the goal is to improve profitability. Across the world it has been shown that privacy and protection from agencies like the NSA (US) and GCHQ (UK) is something that people are willing to pay for. Apple learned this from Blackberry during the Arab Spring – they emulated the encryption of the Blackberry Messenger with their iMessage application. This help transition some of the last hold-outs to Apple and eventually spurred other similar apps.

I believe it is likely that the Electric Frontier Foundation will be a strong advocate for Apple, so if you want to support Apple in their battle with the government I recommend donating to the EFF, especially if you don’t support Apple for its other business practices. I know I will.

Review: The Innovator’s

Written by Steve Jobs Biographer Walter Isaacson this book takes a look at how we got to now in the computing world. Starting with Ada Lovelace and ending with the pair of Sergey Brin and Larry Page, Isaacson covers dozens of the people that have enabled our world to be what it is today. He came to an non-intuitive result throughout his research, the lone inventor didn’t exist. He found that the most successful company or organization actually had a mixture of personalities and passions leading to success. His history is full of the men and women that made computing happen. Interestingly, it wasn’t until the 70’s and 80’s that women were no longer prominent in the history of computing. This is unfortunate as many of their contributions are still crucial to software development today. COBOL, subroutines, and most of the rules around software development were developed by women working either in the Navy or at some of the institutions that partnered with the military.

Much of this book was not new to me as I had read the history of Bell Labs and the history of Xerox PARC however a great deal of the book was news to me. He didn’t completely focus on the US even though a great deal of the history of computing took place here. He also explored the impact of the Germans, the British, and a bit of the Chinese.

If you’re a fan of computers and like the history of technology this book is definitely for you. Isaacson discusses the culture of the organizations that allowed technology to flourish (Intel) and the types of environments where it did not (Shockley Semiconductor). How no company created anything in a vacuum and that many ideas are, in fact, independently co-created.

Technology is a messy collaborative thing that could have been very different depending how just a few changes. Without collaboration, risk taking, and some big personalities we wouldn’t have the computers we have today.

Phone Encryption

It’s been announced that both iOS and Android are going to have fully encryptable phones which will be a huge boon for our 4th amendment rights. As well as to protect us from more mundane things like theft or simply losing your phone. Our phones these days contain as much or more personal information as our computers do these days. The average person doesn’t have any sort of two step authentication on their personal accounts on their phones. In most case people do have some sort of password protection to get into the phone, but once in it’s fairly easy to get into many applications.

For end users there’s nothing better than having a stronger security measures as in many cases companies poorly manage their security. This can be highlighted from the past week of exploits and those celebrity pictures. Encrypting phones might not prevented the celebrity leak, but in many cases it could. It’s believed that some of the hacks of Paris Hilton years ago came from hacking her phone through a BlueTooth connection, so a fully encrypted phone may have protected her from that hack.

All these things are good, however, the Washington Post has decided that this encryption is a risk to public safety because it will help criminals. This is the exact same argument that people make against BitCoin and full disk encryption. BitCoin ended up spawning SilkRoad, which has been shut down and it’s more likely that more crime is committed with dollars rather than Bitcoin. Full Disk Encryption has been used by both criminals and the more technical savvy. With the recent changes where the government can simply take your laptop at boarder crossings without any sort of warrant. Which means anyone at anytime that could have been flagged by the NSA could have their computer searched at will.

It’s more likely that encryption will protect an average person from an arbitrary search than protect a criminal. It’s likely that without everyone being encrypted, having your computer or phone encrypted would have been a huge red flag, however, with these recent changes that can’t happen. Meaning the average person will be safer as well as the fully legal with nothing to hide security conscious individuals.

The Washington Post, FBI, and other agencies are wrong. Fully encryption on our phones protects our privacy, improves our fourth amendment, and give us more control over our own devices. If the FBI and the US government is successful in creating a backdoor the encryption will be worthless and the put us more at risk as we’ll have a false sense of security.

Retail and payment intermediaries

In recent months there have been multiple instances where a major retailer has had their data infrastructure breached. This has resulted in millions of customer’s credit card information being compromised and stolen by some variety of criminal organization. It’s likely that the organization used skilled computer experts to hack into the system in some fashion. I also would not be surprised if some type of social engineering was used to ease their access to the data systems. Furthermore, if their Point of Sales devices were not fully secure that information could be gathered using a credit card that could also read information from the system.

This is the problem that applications like Google Wallet and Paypal are trying to solve. They are trying to position themselves as an intermediary between the customer and the retailer to protect the consumer and provide a common transaction method for many platforms including in person point of sales. I think the fact that I’m just now thinking about this has really shown that companies like Google and Starbucks have failed at showing where the true value in their product is.

I didn’t come to this conclusion without help though. Truthfully, it’s because of PalPal ads that I’ve been seeing on Huluplus. This ad walks through how unsafe we are using our credit cards with online retailers and that they protect your creditcard and bank account information from ever being seen by the retailer. Which, is a really powerful argument to use their services. Of course, that’s if you trust PayPal as an organization.

Personally, I’m concerned about using PayPal as they’ve had their own networks hacked with some account information stolen. They aren’t perfect, and honestly it’s likely going to be impossible to maintain and prevent any data breaches, but a company like PayPal should have that as their goal.

With that in mind, it’s kind of helped me think of the true value of both cash and a BitCoin like solution. At this point, it’s pretty clear that BitCoin has been compromised at least on some level. It’s not truly anonymous any more. Cash is still though. It’s the best way to buy anything from a store. It also reduces the rate that you spend your money compared to buying everything with a card. As you actually see the money disappear. Although, some times it doesn’t feel that way, especially when you’re out drinking at a bar.

I’m not sure I truly trust any of the large companies that offer these intermediary services. PayPal, Google, Apple, Samsung, Starbucks, and etc… all have their own version and all of these companies make money by locking you into their services. Google, Apple, and Samsung have the most incentive and potentially access, as they are selling you the only other thing you’ll have with you besides your cards, your phone. Locking you into not just their device but payment methodology is powerful. Not because it keeps you on their network, but also because it provides them with a huge amount of information about the rest of your life. Google likely will already have a lot of it based on your search history, but they don’t know what you’re actually buying. At this point they don’t have the full data to connect search results to purchases. Using Google Wallet closed that gap and provides a really valuable set of data for their customers.

Intermediaries are going to be really important moving forward because they will help reduce customer risk. It’s going to be important to figure out how to balance the risk of not using an intermediary with using one and providing them with massive amounts of data as well as extremely personal data that if all your eggs in one basket could be devastating.

Venture Capitalists goals to exit will drive winner-take-all growth

While watching a friend stream on twitch today, his radio station played a commercial from Audible an Amazon company. Which made me think about how Audible was a really up and coming company that a lot of people were interested in. Companies like Audible are funded by Venture Capitalists to help them in a few ways – pay for more developers, pay for access to content, hire marketing folks, or any other litany of things that a business needs. They come in at a stage when a company has little to no revenue.

These VC’s then put pressure on the companies to become profitable through new businesses, increasing the number of number of subscribers, or even changing markets or product types (pivots in their language). This is for a pretty simple reason, they make money in a boom or bust manner. If they fund 64 companies having at least one of them profitable means it needs to raise a massive amount of money to break even or to make all of those investments profitable for the company.

This means that whenever a company like Amazon approaches the leadership board of a company like Audible, the board will likely push for a higher price, but will likely be willing to sell. This is because Amazon, Google, Apple, and other companies similar in size, breadth, and depth in the market, offer absurdly deep pockets. For example, Facebook bought Oculus Rift, a company that’s only had a few prototypes released for $2 Billion. This is a huge amount of money which likely made the VC’s extremely happy.

Because of these market conditions we’ll likely continue to see a winner take all approach to markets that these players are in. Since most of these companies are competing in the exact same space, a company like Audible, that could offer a distinct advantage in the market place would be extremely valuable. It would actually have significantly higher value than if there weren’t 4 giant companies competing in the same space.

It’s likely we’ll see this continue to expand as Sony tries to figure out how to move into these spaces more adeptly, as well as Microsoft resurgence in consumer markets. Fully expect more and more of this to happen and greater and greater valuations for these companies in the coming months and years.

We know that NSA is hurting tech companies – that’s a good thing

Snowden leaked his documents a year ago. We’ve been getting a slow trickle ever since. However, some of these documents are getting date and surely the NSA is doing more stuff than they had in the past. That being said, they are continually being surprised by a new document that’s released or another. They clearly haven’t fully figured out the full list of documents that Snowden managed to take. Furthermore, they haven’t learned anything by not changing the techniques that they currently use. The NSA should have systematically shut down every program that could have been possibly leaked and moved onto something different. They haven’t, which means that they don’t really feel they need to change anything unless we force them to acknowledge that they’re doing something Americans (and the rest of the world) don’t want.

Today the guy that founded Netscape (a Silicon Valley Venture Capitalist) thinks that the fact the Edward Snowden released these documents hurt US technology companies. He thinks that because we now know that the US government does bad things with OUR tech company’s technology before it reaches a customer is hurting our companies. He blames Snowden. This is the most assinine thing I’ve ever heard. Marc Anderssen should be pissed off at the US government and praising Snowden because NOW US tech companies can DO something about it.

This is what a good manager or leader does. They support and acknowledge the fact that a person raise the attention of a problem, used them to address the root cause of the problem, and move on to the next problem. This is what Lean process improvement is all about. You NEVER shoot the messenger, you shoot the root cause of the problem eliminate it and make sure it never comes back. Saying that Snowden is a traitor because he highlighted the fact that the US government is taking good companies work (Cisco) and add malware is counter productive. We need to know when anyone government or otherwise is intentionally trying to break the internet. I do not believe that Mr. Netscape believes that the person who leaked the TransPacific Partnership is a traitor – when they essentially highlighted a similar problem.

I also believe, that labeling Snowden a traitor implicitly removes any blame from those companies that are being harmed by the US government. In many cases those companies have bee fully complicit with not just the US government, but “rogue” states (Iran, China, and other oppressive regimes) as well as companies (like Comcast, TWC, etc..) through enabling deep packet inspection (which allows anyone to snoop at anything you do. All of these have to have been enabled by a US technology company. These companies found a benefit to their benefit by doing this.

Now other companies, like Google, WordPress, and others are trying to get around both of these by encrypting their data. I actually suggested this as a tool to get around data caps or fast/slow lanes (if all data is encrypted you can’t slow or speed up traffic). This will inherently force a more net neutral internet (baffling deep packet inspection) and defeating much of the tools of the NSA.

All of these are good things. We know this because of Snowden. We know that tech companies need to address problems that the NSA and other government agencies have caused. This is a cause for celebration not condemnation. We need more people like him so that the internet can continue to thrive and be an economic driver. Don’t blame the messenger, if the US government is hurting US tech companies, we need to know so we can stop that from happening.

Driverless cars aren’t without ethical quandaries

While driving home the other day I was thinking about the new Google Driverless car stuff that I’ve seen. It’s an interesting looking vehicle, see it below. Apparently, one of the reasons why Google went fully autonomous was that people would be first hyper vigilant, then so lazy that they completely trusted the car in any and every situation.

Google’s fully automated driverless car

I believe it’s likely that the first round of driverless cars won’t be fully automated. Data will eventually show that the fully automated cars are perfectly safe, but we’re a paranoid lot when it comes to new technology. I also think that there are definitely risks with a fully autonomous car in regard to hacking and spoofing the system. I have a feeling that will become a game with hackers to try to trick the car into thinking that a direction is safe when it is actually not. To continually combat these risks Google will have to make it very easy to update the software, possibly while driving, as well as the hardware. I believe this is one of the many reasons why Google just announced their 180 internet satellites that they will be launching soon.

However, I think that the best of intentions will likely lead to some serious issues for Google and law makers in the next few years. For some of them an author at the Guardian wrote a few of them. That being said, I think that the first cars will not be fully automatic until enough data comes into show they are safe going highway speeds consistently. I think that this will lead to issues for Google.

One of the things that is missed in the Guardian article above is that if you’re an Android user, those very things could happen already. Your phone already tracks not just GPS but also nearby cell towers, so you could very easily subpoena either Google or your cell provider for records of your whereabouts. However, the interesting thing that Google talks about in regard to safety, is that drunk driving will be a think of the past.

As I mentioned before I think that there will be a manual mode and I think there will have to be one for a while because of definite hacker threats. You’d need to override. I also think that this would require a mechanical switch that literally overrides the system. The system would still run, but would not be able to override the human driver. Maybe I’m just paranoid, but I don’t think that anyone can create a truly secure vehicle like this and if one is compromised then all of them would be under the exact same risk.

Now, let’s say a guy goes out drinking. Google knows where he is. Google knows that he took pictures of his shots Instagraming “#drinktilyoublackout!”. Google also knows that he texted a few friends through Hangouts fully integrated texting capability. Furthermore, he tweets to @Google “Getting Black out drunk no #DD #DriverlessFTW”. This guy then gets into the car, switches it to manual override for whatever reason gets in an accident, who is at fault here? Clearly the guy that’s driving right? Well, if he had a fully automated car with no other option he’d not hurt anyone. Google knows everything he’s doing. Google knows everywhere you go already because of how their devices work. The difference is now that they can control where you’re going and how you get there.

Is Google responsible for building a car with a manual override that could save people’s lives in other instances? Is the State responsible for mandating that Google put in that switch? Should Google have built in safety measures that make the user go through a series of actions or prove the driver is capable of overriding the car?

I think that we need to hash out all of these before these cars are allowed on the road. I also think it’s going to be vitally important that we understand what happens with that data from all our cars, who can access it, and if we really have any privacy in a fully automated car like that. Simply by participating in our culture with a cell phone we’ve already eroded our privacy a great deal in both the public and private realm. Driverless cars will further impact that and will likely end up being a highly political issue over the next several years. Taxis, Lyft, and Uber will be out of business – the Car2Go model will beat them out any day of the week if the cars are autonomous. Direct to customers, like Tesla is pretty obvious. Lots of changes are going to happen through these cars.

We can’t just let this happen to us, we need to make decisions about how we want to include driverless cars in our lives. They aren’t inevitable and definitely not in their current incarnation.