[…W]e decided to enumerate some general principles that we follow to design systems that are resistant to coercion, compromise, and single points of failure of all kinds, especially adversarial failure. We hope that these principles can be used to start a wider conversation about current best practices for data management and potential areas for improvement at major tech companies.
Do not rely on the law to protect systems or users.
Prepare and test policy commentary for quick response to crisis.
Only keep the user data that you currently need.
Give users full control over their data.
Allow pseudonymity and anonymity.
Encrypt data in transit and at rest.
Invest in cryptographic R&D to replace non-cryptographic systems.
Eliminate single points of security failure, even against coercion.
Favor open source and enable user freedom.
Practice transparency: share best practices, stand for ethics, and report abuse.
It’s genuinely refreshing to see this sort of thing coming from techies. The danger, of course, is in failing to point out that this is the sort of stuff the marginalized groups Mike Perry mentions have already been saying for generations. This is not a “pat ourselves on the back” moment, white techies. This is a “seriously, what the fuck is wrong with us that it took a Trump electoral victory to get vocal about this super basic stuff. (Spoiler: the answer is white supremacist capitalist patriarchy and all that it entails.)
If you’re following anti-police brutality activists, you might have heard about a new smartphone app that aims to cut down on the need for police. Cell 411 is touted as “the decentralized emergency alerting and response platform” that “cops don’t want you to use.” There’s only one problem: its central marketing claims aren’t true. Cell 411 is not decentralized, and there’s no evidence that cops don’t want you to use it.
Further, I believe it’s equally important that the developers of a tool like this actively eschew the State-sponsored terrorist gangs known as law enforcement, because that mindset will inform the tool’s development process itself. On the face of it and from the research I’ve done to look into Cell 411’s developers, I think there is a lot of welcome overlap between them and myself. Indeed, I’m grateful to them for developing Cell 411 and for dropping their price for it, offering it free-of-charge on the Android and iOS app stores, which is how it should be. Nobody should be charged any money for the opportunity to access tools for self- and community protection; that’s what cops do!
I’ve even reached out both publicly and privately to the developers of Cell 411 through email and Twitter to ask them about a possible collaboration, pointing them at the source code for the Buoy project I’m working on and asking where their source can be found.1 I want to see a project with Cell 411’s claims succeed and be a part of abolishing the police and the State altogether. I think there’s real potential there to make headway on an important social good (abolishing the police, dismantling the prison industrial complex, among other social goods) and I want to offer whatever supportive resources I can to further a project with these goals.
But I am concerned that Cell 411 is not that project. The fact is there are glaring, unexplained inconsistencies between their marketing material, the perception that they encourage the public to have about their tool, and their tool’s legal disclaimers. Such inconsistency is, well, sketchy. But it’s not unfamiliar, because this exact kind of inconsistency is something activists have seen from corporations and even well-meaning individuals before. We should be able to recognize it no matter the flag, no matter how pretty the packaging in which the message is delivered is wrapped in.
On the Google Play store, Cell 411 describes itself like this:
Cell 411 is a De-centralized, micro-social platform that allows users to issue emergency alerts, and respond to alerts issued by their friends.
The problem is in the very first adjective: de-centralized. To a technologist, “decentralization” is the characteristic of having no single endpoint with which a given user must communicate in order to make use of the service. Think trackerless BitTorrent, BitCoin, Tor, or Diaspora. These are all examples of “decentralized” networks or services because if any given computer running the software goes down, the network stays up. One of the characteristics inherent in decentralized networks is an inability of the network or service creator from unilaterally barring access to the network by a given end-user. In other words, there is no one who can “ban” your account from using BitTorrent. That’s not how “piracy” works, duh.
Unfortunately, many of the people I’ve spoken to about Cell 411 seem to believe that “decentralized” simply means “many users in geographically diverse locations.” But this is obviously ignorant. If that were what decentralized meant, then Facebook and Twitter and Google could all be meaningfully described as “decentralized services.” That’s clearly ridiculous. This image shows the difference between centralization and decentralization:
As you can see, what matters is not where the end users are located, but that there is more than one hub for a given end user to connect to in order to access the rest of the network.
1. We may terminate or suspend your account immediately, without prior notice or liability, for any reason whatsoever, including without limitation if you breach the Terms.
This is immediately suspect. If they are able to actually enforce such a claim, then it is a claim that directly contradicts a claim made by their own description. In a truly decentralized network or service, the ability for the network creator to unilaterlly “terminate or suspend your account immediately, without prior notice or liability” is not technically possible. If Cell 411 truly is decentralized, this is an unenforceable clause, and they know it. On the other hand, if Cell 411 is centralized (and this clause is enforceable), other, more troubling concerns immediately come to mind. Why should activists trade one centralized emergency dispatch tool run by the government (namely, 9-1-1), for another centralized one run by a company? Isn’t this just replacing one monopoly with another? And why bill a centralized service as a decentralized one in the first place?
Virgil Vaduva, Cell 411’s creator, told me on Twitter that the app is not open source but hinted that it might be in the future:
@maymaymx Yes, it's a free app but this is not an open source project. At least not at this point in time.
And that concerns me greatly. Cell 411 originally cost 99¢ per app install on both the Google Play and iTunes app stores. It’s now free, which, again, is a move in the right direction. But by refusing to release the source code, SafeArx holds its users hostage in more ways than one. There are already rumors that the company is intending to monetize the app in the future, perhaps by charging for app downloads or perhaps in some other way in the future. That is fucked. The people who need an alternative to the police most of all are not people with money. That’s why all of Buoy’s code was available as free software from the very beginning; so those people could access the tool. And beyond that, it’s the very people who need an alternative to the prison industrial complex most who are also most in need of safety from capitalism’s exploitative “monetization.”
I hope Virgil chooses to make Cell 411 free software too—i.e., not just free as in no-charge but software libre as in freedom and liberty. A closed-source tool is downright dangerous for activists to rely on, especially for an app that is supposed to be all about communal safety. This has never been more obvious than in the post-Snowden age. If you share our goal of abolishing the State and ending the practice of caging human beings, and you want to dialogue, please do what you can to convince the people running SafeArx and Cell 411 of the obvious strategic superiority of non-cooperation with capitalism.
But if Cell 411 is centralized, then it becomes a much more useful tool for law enforcement than it does for a private individual, for exactly the same reason as Facebook presents a much more useful tool for the NSA than it does for your local reading group, despite offering benefits to both.
I am not saying that Cell 411 is a bad tool. Far from it. My belief is that it is a good tool for individuals and my hope is that it will become a better tool over time. But if Cell 411 is to go from “good” to “great,” then it must actually be decentralized. It must be released freely to the people as free software/software libre. Private individuals who are working to create social infrastructure as an alternative to police must be able to access its source code to integrate it with other tools, to hack on it and make it more secure. This is the free software way, and it is the only feasible anti-capitalist approach. And the only strategically sound way to abolish police is to abolish capitalism, since police are by definition capitalism’s thugs.
It is the explicit intent of police and the State to prevent private individuals from taking their own protection into their own hands, from making their own lives better with their own tools in their own way, by not allowing access to the source of those tools. We, Cell 411 included, should not be emulating that behavior.
I want to be able to run my own Cell 411 server without asking for permission from SafeArx to do so. If Cell 411 were decentralized free software, I would be able to do this today, just as I can publish my own WordPress blog, install my own Diaspora pod, or run my own Tor relay without asking anyone for permission before I do it. This is what I can already do with Buoy, the community-based emergency response system that is already decentralized free software, licensed GPL-3 and available for download and install today from the WordPress plugin repository.
As a developer, I want to see Cell 411 and Buoy both get better. Buoy could become better if it had Cell 411’s mobile app features. Cell 411 could become better if its server could be run by anyone with a WordPress blog, like Buoy can be.
But as long as Cell 411 remains a proprietary, closed-source, centralized tool, all the hype about it being a decentralized app that cops hate will remain hype. And there are few things agents of the State like more than activists who are unable to see the reality of a situation for what it is.
If you think having a free software, anarchist infrastructural alternative to the police and other State-sponsored emergency services is important and want to see it happen, we need your help making Buoy better. You can find instructions for hacking on Buoy on our wiki.
Here’s the email I sent to Virgil Vaduva, Cell 411’s creator and SafeArx’s founder (the company behind the app):
From: maymay <firstname.lastname@example.org>
Date: Sat, 27 Feb 2016 20:03:38 -0700
My name is maymay. I learned about Cell 411 recently and I’m excited to see its development. It is similar to a web-based project of my own. I am wondering where the source code for the Cell 411 app can be found. I could not find any links to a source code repository from any of the marketing materials that I saw on your website.
Our own very similar project is called Buoy. The difference is that Buoy is intended for community leaders and intends to be a fully free software “community-based crisis response system,” with the same anti-cop ideology as Cell 411 but built as a plugin for WordPress in order to make it super easy for anyone to host their own community’s 9-1-1 equivalent.
Our source code is here:
We have focused on the web-app side of things because that’s where our experience lies, but were hoping to create a native mobile app later on. It seems you already made one. Rather than reinvent the wheel, we’re hoping to integrate what you’ve done with Cell 411 with what we’ve already developed in order to facilitate a more decentralized, truly citizen-powered infrastructure alternative to 9-1-1.
So that’s why we’re interested in looking at Cell 411’s source code.
I’d like to talk to you for a moment about my new data security venture: CloudFog. Part cloud. Part fog. All security. […] We take a novel, horizontal approach to vertical socket encryption. The result can only be described as diagonal.
Whatever it was, though, I think that fear is misplaced. Most of this fear seems to stem from a real misunderstanding of the way Internet identities (not just Internet ID itself) work. Like so many things involving computer network security, something like Internet ID can sound scary when you’re not up on the nitty gritty details—that’s nothing to be ashamed of. Knowledge is power, and lack of knowledge breeds fear.
But Internet ID, or more formally known as National Strategy for Trusted Identities in Cyberspace (NSTIC) is actually not something to be fearful of. In fact, it could be a really good step forward, one that many Internet security, privacy, and free speech experts seem pretty excited about. And, what’s more, they have been for quite some time.
Our main conference Internet Identity Workshop held every 6 months since the fall of 2005 has for a logo the identity dog: an allusion to the famous New Yorker cartoon On the Internet, nobody knows you are a dog. To me, this symbolizes the two big threads of our work: 1) maintaining the freedom to be who you want to be on the Internet AND 2) having the freedom and ability to share verified information about yourself when you do want to. I believe the intentions of NSTIC align with both of these[…].
As another high-profile example, computer and Internet security expert Steve Gibson also recorded a netcast that dealt directly with NSTIC and explained it in remarkably clear detail. He dissected the way it functions, why it’s useful, where it can be improved, and what the big fears about it were.
Gibson rightfully concluded the fear is largely due to ignorance of the technology and a general mistrust of the government, but that the technical specification as it exists today is so good as to actually prevent the majority of the fears being espoused by people like those I spoke with who have not actually taken the time to grok the specifics. Here’s an excerpt from the transcription of the netcast:
LEO: I know some people, the idea of government doing this makes them nervous. To me it actually seems sensible because you need a centralized third party to certify it.
LEO: And I know people, a lot of people who listen to this show, don’t trust our government. And we probably shouldn’t trust government. But who better? I mean, you want Microsoft to do this? They have been, by the way, with little success. So I think it needs to be that. And then I think this is a nice – you liken it to certificates, and I think that’s a good – the web certificate system, I think that’s a good analogy. I think it makes sense to have third parties that are certified and that kind of thing. I’m excited. We needed this. I’ve been signing my email for years, to no avail. It’s all been the Web of Trust technique.
STEVE: Yes. And this document establishes the right principles. I mean, and I’ve read the whole thing. Everything about it, as I’m reading – and I’m skeptical of Big Brother, too. I don’t know how we’re going to do it. I mean, as a coder and technologist I think about all of the hurdles and the pitfalls and the challenges we face. But it’s clear that we need that. We need this in order to move forward and to really leverage cyberspace to the full extent possible, I mean, we have the technology.
LEO: Yes, yes. Identity is critical. We’ve learned that lesson. And anonymity, while you – I think this is nicely done because you can have anonymity.
LEO: But there’s also a way to certify you are who you say you are. And I think you need both. So I think this is good. This sounds – I’m excited.
STEVE: Yeah, me, too.
The nice thing about technology such as that being built by NSTIC is that, unlike the need to rely on flimsy promises of the government’s benevolence, we can actually audit the specifications and open-source implementations of these technologies ourselves. And many people do. Steve Gibson did, and I trust him.
None of this is to say there are not valid concerns—there are. For one, Trusted Identity Providers are still going to be privy to most everything you do with one of your Internet ID identities, but I don’t see how that’s any worse than what we have today: your ISP, your DNS provider, and countless third-party advertising companies can and are tracking everywhere you go on the Web today. NSTIC, on the other hand, could give users like you and me both the technical and legal ability to have more fine-grained control over what such third parties see about us as we use the Web.
Technology that puts users back in charge of their identity? Now that’s an Internet law I can be proud of.
So, as I said in the discussion over dinner earlier tonight, rather than spend our time wringing our hands over this Internet ID stuff, we’ll all be far better off saving our energy to fight foolhardy initiatives like SOPA, PIPA, and other forms of political, social, and technical censorship.
Internet ID/NSTIC is not an enemy. It is going to be an important and useful tool for users like you and me.
[O]ne of the main functions of Global Voices Advocacy is to provide information to people in repressive nations so they can seek and publish information freely online.
After confirming from NSF officials that “the blockage is not in error,” Ethan states the almost too-obvious-to-be-deemed-important note:
[T]he National Science Foundation is spending taxpayer money to (ineffectively) prevent scientists from learning about a debate about “internet freedom” tools the US State Department and the Broadcasting Board of Governors are spending taxpayer money to support and promote, again using taxpayer money.
Is there a Federal irony department where I can lodge a complaint?
This is an instance of unintended consequences rather than malevolent intent. The fact is, a few senior NSF employees got dinged a couple of years ago for viewing porn on their work computers. A Republican Senator took this up as an excuse to argue for budget cuts at NSF, the NSF got spooked, and NSF IT got the word that they should lock down the entire agency’s network. Obviously, there’s no point in trying to lock down a network unless you also try to lock down any access to sites that can tell you how to circumvent the lockdown. So, this is less about Internet or academic freedom than it is about simple inside-the-Beltway politics.
I’m pretty surprised to learn that the scientists at NSF are working in a filtered internet environment, and that the filtering is so aggressive that discussion of internet filtering and circumvention can’t be discussed. One wonders whether the State Department might consider offering some trainings for the National Science Foundation so that employees there can learn side by side with Chinese dissidents how to overcome filtering and learn about State Department sponsored research on internet filtering. Maybe we can sneak into the building with Tor on USB keys and clandestinely smuggle them to oppressed US scientists.
Well done, American bureaucrats. You self-defeating fucking morons.
Social media. Internet publishing. Privacy. Three phrases that have seemed to be at tenacious odds with each other in a multitude of subtle and not-so-subtle ways. For people like me, who have progressive views about sexuality, these three things are constantly on our minds. How do we participate in the online revolution without being forced to “come out” about every sex act we enjoy, some of which are still illegal thanks to draconian restrictions on sexual freedom, even (and especially?) in America.
This month, a new social network called Blackbox Republic (BBR) is attempting to tackle this head-on and aims to create a place for, as Marshall Kirkpatrick put it, this particular large and unserved group of people. Although BBR is clearly a business, it’s a business whose creators have laudable intentions for positive social and cultural change. In that respect, and in many others, Blackbox Republic is worth a close look.
So, without further ado, here are my impressions about Blackbox Republic, and how its launch may be just what the Internet needs to get us moving in the right direction with regards to personal privacy, and mainstream awareness of the different needs of different people on the Internet.
Mainstream sex-positivity or a VIP room in cyberspace? Or both?
Over the past few months, Blackbox Republic has been building a marketing arsenal of anticipation and intrigue. Its creators are successful in non-sexuality-focused spheres of influence: Sam Lawrence is the respected former Chief Marketing Officer of Jive Software, Inc., and April Donato, has experience in community management. They also both jive (pun!) well with the sex-positive movement, discussing it at length in the early stages of their marketing efforts after de-cloaking the new company.
[Sam Lawrence:] The co-founder [April Donato] and myself are part of [the sex-positive] community. Sex positive means that your sexuality is not an issue. You don’t have an issue with other people’s sexuality. You’re open to what other people are interested in and what their boundaries are, and you’re open with your own.
[Interviewer:] To what extent do you practice a sex-positive lifestyle?
[Sam Lawrence:] From the perspective of sex not being an issue, I think that love is generated by people being open enough about who they are as people to put all of themselves out on the table. As far as putting all of myself on the table, it’s something that I do every single day.
I have an enormous amount of respect for anyone able to so capably present themselves as authentically as Sam does. On the eve of KinkForAll New York City 2, I met Sam and April at one of their “founder meetups” and had the chance to talk to them face-to-face. Our conversation revolved around the importance of steadfastly holding true to one’s own desires and having appropriate places to express those things with appropriate communication tools. I really liked their emphasis on self-identification over labeling throughout our discussion.
I also really appreciated the way that Sam and April spoke about their target audience. Blackbox Republic will welcome everyone, but it’s not designed for everyone, and I think that’s a good thing. David Evans writing at Online Dating Post says,
BBR has room for everyone, but is not for everyone. Definitely catering to non-mainstream folks, it will soon feature a constellation of micro-communities, or groups, called Camps. BBR doesn’t tell people how to organize their camps; we’ll do it ourselves, thankyouverymuch.
So is Blackbox Republic a dating site, or a social network? Well, both, kind of. Part of BBR’s slogan includes, “Dates will happen. Sex will happen. It matters how you get there.” The implication, of course, being that the current suite of tools for finding love or play online—sites like Alt.com, OkCupid, and countlesspersonalsboards—focus too strongly on the end result, turning matchmaking into a meat market instead of the natural process of getting to know one another. The focus BBR is placing on each person’s “journey” is an extremely welcome paradigm shift in the online dating world.
Along with the welcome and (IMHO, painfully obviously better) new approach to online dating, however, Blackbox Republic faces some real challenges. For new users, the service costs a minimum of $5 a month to use (and $9 per month for new sign-ups starting in 2010), which gives access to basic features like a personal profile. For $25 a month, members get added features like the ability to list real-world meet-ups, send private messages, and partake in a virtual “gifting” economy (think LiveJournal’s “virtual gifts“).
For that reason, BBR has been called a “members-only club.” There are some legitimate differences of opinion as to whether this is a positive or a negative thing. In a press release over the summer, Blackbox Republic is reported as stating:
Blackbox Republic will be a members-only experience that will unite the sex-positive community and give them a personal, private and secure way to connect online and in person.
Think of Blackbox Republic as a fashionable online ‘members-only’ club where you might expect to meet people with similar interests to your own, and ideally the person of your dreams. […] Blackbox Republic is arguably an Apple product to Facebook’s Windows look & feel: a much more intimately crafted, fuller featured personal user interface which should appeal to Apple generation sensibilities.
Indeed, almost everything about Blackbox Republic’s marketing and design seems to me as though it’s positioning itself as the equivalent of the hip, new, and exclusive nightclub down the street. There are images of super-chic women in short skirts and tight pants all over the Blackbox Republic promotional pages—way more than there are pictures of men. I was (yet again) put-off by this over-prevalence of women in all advertising material.
This isn’t really a criticism of the site, but rather a statement of disappointment that the marketing gurus behind the effort seemed to me to have succumbed to overwhelming cultural pressure to sell their site with old-school sex appeal: women’s sex appeal, of course. How…traditional.
[L]ike most startups, Blackbox decided it needed to change up. Observers were confused by the sex-positive label.
Oh well. I think this just goes to further showcase how much more social change we really need in our culture.
However, while the clubby, cliquey feel is totally my own subjective perception, there are other issues at play here, too. Most notably, as Clarisse Thorn and many others rightfully remind us very often, the sex-positive movement is overwhelmingly white, middle- to upper-class, college-educated, and privileged in a huge number of ways that many people often take for granted. Even without a for-pay social network, not everyone who wants to can participate in the great-sex-for-everyone party atmosphere of many sex-positive niches.
It’s $25 a month and $5 of those community dues go to charity. One way to think about it is if you’re sex-positive, you can either spend money on expensive coffee every month or upgrade your social life and meet other sex-positive people like you.
Inescapably, the major selling point of any social network is, of course, the network! If your friends aren’t on Twitter, then you’re probably not going to find it useful. The same truth holds for Blackbox Republic: if the users you want to interact with aren’t there, I doubt you’re going to find the experience fruitful. Due to the membership fees and the socioeconomic realities of the sex-positive community, I’m concerned that BBR’s current business model is too exclusive, and as a result it will have a lot of trouble attracting the kind of diverse community its creators seem to be hoping for.
anyone can join provided they’re willing to pay the $25 a month (I like that he has a pay model from the get go. That sorts out the weirdos and hangers on from day one)
I wonder if adopting a free-mium approach might work better. Still, there are real-world limits to business. Everyone needs to make money, and I don’t think Blackbox Republic’s business model is inherently more exclusive than, say, purchasing access to porn. If anything, BBR’s got some real promise to inject much-needed financial awareness to the sexually insensitive corporate infrastructure of our society. Nevertheless, convincing people to join “the Republic” is going to be a hard sell.
Show me the features!
Let’s say you do decide to join. What do you get? Other than the sex-positive mindset, what’s the benefit?
Well, the bulk of the experience is what you’d expect. Profiles (called “personas”), messaging, user search capabilities (called “explore”), and so forth. A Twitter-like “activity stream” dominates the main page where you can post text, picture, or video status updates. Event listings fill the sidebar. (I’m not going to provide internal screenshots in deference to BBR’s strict confidentiality rules.)
While that’s fun, it’s nothing special. What makes Blackbox Republic different is flexibility, and privacy.
Goodbye drop-downs, hello sliders!
Blackbox Republic’s most visible feature is the way its interface allows you to flexibly self-identify various facets of yourself. Rather than give you static drop-down menus or radio buttons for things like your sexual orientation and relationship status, you’re presented with sliders you can change at will. Perhaps you’re feeling particularly same-sex attracted one day. Just move the “Orientation” slider towards the “Gay” end and away from the “Hetero” end. If that changes tomorrow, just move the slider back. Sho-weet!
BBR offers you 5 different sliders for your profile. In addition to the one for sexual orientation, you also get one for relationship “status” (ranging from attached to unattached, with Facebook’s famous “it’s complicated” neatly in the middle), whether you’re available for more partners or not, how comfortable you are with casual sexual activity, and how eagerly you’re looking to par-tay. I’m instantly reminded of FetLife‘s innovative, if dull-looking, mechanism for specifying multiple relationships. Blackbox Republic gives you similar flexibility as FetLife does but presented in a superb and far more intuitive interface.
All that said, one slider is conspicuously missing: the one for gender. The sliders are a very interesting idea and might just be the most innovative feature of the entire site. It speaks volumes about the sensitive and thoughtful mindset of the developers, and that’s why I’m so disappointed that the interface for self-identifying gender is relegated to the Sex 1.0 days of a single, binary option of “male” or “female.”
What gives? Are polyamorous people more welcome here than those who don’t fit the gender binary? I hope this is simply an omission that will be fixed as the service matures, since I couldn’t find any other reason why gender was absent from the sliders. For extra credit, I hope to see different profile options for “Sex” and “Gender,” two distinct concepts that frequently and incorrectly get used interchangeably. This would make it possible to represent complex gender presentations like additive gender on a social networking interface for the first time ever, and that’d totally be something to write home about!
Privacy and security
The other major selling point of Blackbox Republic is its careful attention to privacy. The entire offering, including its name, is predicated on letting users very carefully segment their information based on their privacy boundaries. I love some of the things BBR has done to enable this, and I can only imagine it’s going to get better from here.
Blackbox Republic’s Web of Trust
There are three levels of privacy, which (as far as I can figure out) map directly to the level of trust other members have gained within the Republic’s community. It works like a web of trust. New users are “un-vouched.” As they begin to interact with others on the site and, hopefully, make some friends, they should receive “vouches”—or votes of trust—from previously-vouched members. As a member, you get to control whether something you do, such as posting a status update, gets sent to the “public,” (i.e., the entire public-facing Internet), to all Blackbox Republic members (i.e, to both vouched and un-vouched members) or only to vouched members.
Additionally, privacy settings allow you to specify whether you want to allow un-vouched members to send you private messages, to follow your updates, to comment on your posts, or to see you in search results.
Unlike Facebook, which has very good privacy controls that almost nobody on Earth is aware of (thus negating the control’s usefulness), Blackbox Republic makes it a point to highlight their privacy controls at just about every sensical turn. Each of the settings I found defaults to the most private setting, not the most public, which is exactly the right move. I gotta say, I found turning off privacy settings instead of having to turn (or leave) them on to be a really empowering feeling.
You’re not a “friend,” you’re an acquaintance!
Moreover, the Blackbox Republic platform makes a native distinction between “friends” (again, like Facebook, or FetLife) and “followers” (like Twitter). When I friend someone, I’m connected to them in a way that I’m not if I just follow someone. I’m not yet certain what the practical distinction between “friending” and “following” are, other than the fact that your view of the people you’re connected with is segmented based on which button you clicked, but I think the distinction is a very appropriate and natural one to embed in the software.
This separation is probably the single most important innovation in the space of social networks as a medium of communication and collaboration that I can point at. I love that I can indicate without ambiguity which people I want to remain in constant communication with and which I simply want to watch from a distance. After all, aren’t at least some of your “friends” on Facebook really just “acquaintances” in reality? I think that for the first time ever in a social network, Blackbox Republic gets this feature right. Now, if only I could figure out what it actually does. :)
What? No on-the-wire encryption?!
With all that being said, there’s still at least one really frightening problem with Blacbox Republic’s careful attention to privacy: as far as I could tell, no part of my session is SSL/TLS encrypted!
The entire BlackboxRepublic.com website is served over HTTP, including the login form and—again, as far as I could tell—every page on the inside of the site. This means that it’s trivial for malicious people who don’t even have a Blackbox Republic subscription to intercept, eavesdrop, and modify my interaction with the site. They could watch—and save—private messages between me and one of my friends (or lovers!), for instance.
In Blackbox’s defense, I don’t know of any social network that protects you from this. FetLife is another example of a website that should seriously consider HTTPS-only pages, but as of this writing hasn’t implemented it. Therein lies one of the most frightening oversights in the entire social networking space: regardless of so-called privacy settings, everything you do on the vast majority of social networks, blogs, and other sites on the Internet are the equivalent of passing notes between friends in a classroom. Better hope that big bully who likes to steal your lunch money doesn’t open the note and read it himself while he’s passing along your login details!
The thing is, few other social networking sites place so strong a spotlight on user privacy and security. Since Blackbox Republic seems to be nobly and rightfully holding itself up to a new standard of privacy, I feel justified in pointing out this glaring omission in their service offering. Given everything else they’ve done so well, and how well-aligned the majority of their technical implementation seems to be with their philosophy, this omission came as a big surprise to me.
Until Blackbox Republic only serves HTTPS traffic for all private areas of their site, I can’t make a recommendation in good conscious that it’s the place to be for privacy-conscious people. But again, despite public opinion to the contrary, I’ve never been able to make that claim for FetLife either.
Blackbox Republic is one of the most interesting websites on the Internet today. Its privacy-conscious and sexually open approach to social networking and online dating deserves huge praise. Its technical implementation—although plagued with some glaring oversights for now—is to be seriously respected.
From a social change perspective, I think the site is a mixed bag. Its exclusivity arguably makes the insularity of the sexuality communities an even bigger problem than it already is. On the other hand, the market-value of that very same exclusivity, if steered toward a benevolent purpose, can end up benefiting philanthropic, non-profit, and other sex-positive endeavors that often struggle to find necessary financial support.
Moreover, Blackbox Republic’s internal gifting economy does seem to encourage a sort of altruistic nature among members. How that may or may not translate into increased support for non-commercial activists has yet to be seen. Nay-sayers should remember that this kind of thing simply hasn’t been done before and the net effect could be quite positive.
Having just launched, however, I don’t think Blackbox Republic should be touted as the go-to site for sex-positive people quite yet. Like other social networks, it needs to grow to become truly useful, and its subscription fee business model poses a serious obstacle to many people. I was fortunate to get in with a free “founder” account, but I have mixed feelings about encouraging my friends to join me knowing they—or someone nice enough to “gift” a limited-time subscription to them—will have to pay for the service.
Lawrence emphasizes that what members say in Blackbox Republic will stay private. There’s no danger of what they post inside becoming part of their “Google resume,” as he puts it. He says he would resist efforts from search engines to index content the way Facebook and Twitter allow. “The value proposition is this is the first private, large social network out there,” Lawrence says.
Put simply, and noting that I’m probably not the majority case here, I rely on my “Google résumé,” to use Sam’s words, to live the life I want. My lukewarm reaction to this isn’t a criticism of the goal, simply an observation that it turns out I’m not in the ideal target market for Blackbox Republic’s value proposition.
In other words, I think I’m “too out” for this site to be immediately useful to me. The fact that FetLife is not readily available to the public Internet is the single biggest reason why I don’t sign on to that site very often, and so I have the same reason not to spend all that much time behind the curtains of Blackbox Republic.
Nevertheless, many other people do. If you’re among the cross-section of the populace who’d like a sociosexual experience online and would also like to effectively outsource your social reputation management, if you will, but you feel that sites like Facebook just aren’t cutting it, then Blackbox Republic is definitely worth checking out.
If you do check it out, or even if you don’t, I’d love to know what you think in the comments. And if you’re definitely sold, consider signing up via my partner link. Full disclosure: signing up that way earns me a small commission. If you’d rather sign up but not give me a commission for the referral, just register from the front page.
Last week, I was invited to make a guest appearance on a technology talk radio show called Technocolor, which airs on 90.3 FM locally in New York City. The radio station is WHCR. The invitation was rather unexpected but I had a great time and a fun conversation with the host, Lena Marvin. We had such a fun time, actually, that Lena invited me to make a second guest appearance this week and, unlike the first show, I managed to record the audio stream, so you can replay the taping of the show and download it.
Here are my late-night and very sleepy attempts at listing some of the stuff we talked about, with as many links for show notes as I can manage to find:
April Fools’ Day jokes: GMail Autopilot automatically writes your emails for you, Identi.ca acquires Twitter, The Guardian will publish its archives by tweeting them.
NetFlix will demolish traditional cable television.
Identi.ca hopes to add OpenID support (eventually). It’s a distributed “micro-blogging” platform. Fear vendor lock-in; Laconi.ca implements the open micro-blogging standard. Community organizations are especially vulnerable to vendor-lock in.
Free as in beer is an open source cultural reference. But wait, there is actually a “free beer”.
How to create your own secure, yet memorable, password algorithm: use the name of the site you’re on combined with a secret prefix to create unique passwords for each site.
PDFs should be used better than they are; PDF creators can use PDFs as online, electronic forms. Lots to learn about Adobe’s products for free at CreativeSuitePodcast.com.
Newer Microsoft Word document formats cause pain for the uninformed. Also, will newer versions of the PDF standard stay backwards compatible with older PDF files?
Listening to myself is a bit odd, and makes me realize just how quickly I speak. I need to learn to slow down a little. Nonetheless, I think I did okay, although I suppose I should have plugged my own web dev book a bit more. Meh, whatever. I was just there to have a good time, and I did exactly that—it’s incredible how quickly an hour goes by when you’re having fun!
Still, I’d love to hear feedback from listeners, as I very much welcome constructive criticism of what I could have done better and how. I’m also hopeful that I’ll get even more opportunities to chat with Lena, Javier, and the rest of the Technocolor crew semi-regularly from now on, since she mentioned something about being able to Skype me in even after I move to San Francisco.
In some communities, this is sort of old news, however I’ve recently become aware of an exciting and affordable security product called the YubiKey, manufactured by Yubico. The YubiKey is a $35 USD one-time password second-factor authentication token that uses 128-bit AES encryption to provide identity verification. That’s a mouthful, but what it really means is this: using a YubiKey to log in to stuff makes your logins about as secure as a military installation. Here’s how.
When you log in to just about any Web site or Internet-enabled service, say Basecamp for example, you traditionally simply type in a user name and matching password. This is known as one-factor authentication because all you need to do to log in successfully is use a matching pair of user names and their passwords. Since the user name is not hidden, the only piece of the puzzle that’s providing any security is your password.
Now, a password is something you have to remember, so this factor is called "something you know." Of course, if someone else also knows your password, this means that person can log in pretending to be you. Thus enters the need for a second factor for authentication.
The YubiKey is a physical USB fob device with a unique ID. That is, each YubiKey in the world has its own ID, meaning that no two are identical. This implies that if you have a YubiKey with you, no one else can have that same YubiKey anywhere else in the universe. Thus, this gives you a second factor with which to authenticate yourself, specifically it’s "something you have."
When you combine something you know (for instance, a password) with something you have (such as a YubiKey), you have two-factor authentication. Authenticating yourself with both of these factors is obviously more secure than relying solely on one factor because in order to compromise it an attacker needs to compromise both factors; the attacker would need to know what you know (figure out your password) and steal something you have (physically obtain your YubiKey).
If you’re familiar with one-time credit cards such as those that PayPal offers, you can think of the YubiKey like one of these cards, but instead of being used to make online purchases, it’s used for logging into stuff (and, of course, you don’t need more than one physical YubiKey). Of course, for authentication to work with the YubiKey the application or service you are logging into has to be able to understand that you’re using one of these authentication devices.
The YubiKey spec is, itself, completely independant of the OpenID spec and vice versa, which is what makes the combination so formidable. What’s so cool about this process is that the site you’re authenticating to, such as Basecamp or your WordPress blog, doesn’t have to know anything about how you’re authenticating because the OpenID provider (Yubico in this example) simply returns the answer—a perfect example of a well-constructed API at work. Either you have successfully authenticated to your OpenID provider or you haven’t, and the site can respond accordingly.
And if that’s not cool enough, want to know the coolest thing about the YubiKey? It’s environmentally friendly! The YubiKey web site states that the robust, ultra-thin and battery-free design increases lifetime and reduces environmental impact.
I’m more than seriously considering getting one of these myself, and even beyond that, getting one for all of my fellow site editors on some of the community web sites I help maintain. This is especially important for sites dealing in confidential or otherwise sensitive information, such as those which hold financial records or have other privacy concerns. Securing the authentication of privileged users such as the site administrators seems a natural step.
Even better yet, because the only cost to implementing this system is developer resources and the cost of the physical YubiKey device, I’m also seriously considering baking this right into any new sites I develop. At $35, a YubiKey is actually cheaper than an SSL certificate, and even though they don’t protect against all the same attack vectors, I think a device like the YubiKey is clearly a vastly superior solution in the majority of use cases.
I never really had a compelling reason to begin to propagate an OpenID identity before but now, at last, I do.
I subscribe to a number of really great technology newsletters because they interest me. One of these is the XML.com weekly newsletter. XML is a technology that has exploded in the last several years, and its specifically an area that I, as a front-end and semantic web specialist, find exceptionally intriguing. Most intriguing today, however, was Managing Editor of XML.com Kurt Cagle’s article titled Is Telecommuting the Next Wave for Education? in the XML.com newsletter.
Not only was it a great article that highlights a particular XML schema for education-related material produced by the Schools Interoperability Framework Association, it paints the picture of a future I’ve already lived ten years ago. I am heartened to see that, at long last, other people are beginning to see the benefits of technology used for “distance learning.” Frankly, I can’t imagine learning any other way.
I tried to find this article online so I could link to it, but I could not. Instead, I’m reposting the article in full here. If this is available somewhere on the ‘net that I just haven’t found yet, please let me know.
Is Telecommuting the Next Wave for Education? by Kurt Cagle, Managing Editor,xml.com.
In the great analysis game, I have two particularly adept spies – my daughters. Over the years I’ve noticed that both of my daughters tend to be remarkably good barometers about the way that the wind is blowing with regard to youth trends, which in turn tend to be significant because teenagers in particular often tend to be the earliest adopters of new technologies. If something doesn’t resonate with them, no matter how big a marketing budget, it usually doesn’t fly.
One of the things I’ve noticed with my eldest daughter in particular is how many of her friends either are or have been recently “home-schooled”. Now, for many, home-schooling has long been associated with religious organizations, particularly evangelical Christians, who feel that the school system is too secular for raising their kids. However, given that the kids I know (and their parents) are generally not in that community, I was a little puzzled with what was going on.
Instead, what seems to be happening is a phenomenon that I think will have major ramifications for society, and certainly for the tech community. As the Internet was taking off around 2000, a lot of school districts began implementing a program to help those people who were often at significant distances from a school by offering certain classes online – with exercises online, video conferencing and periodic tests. At first, these classes were ones that you would expect to make the migration – science and math courses – but over time, they have extended to cover everything except those classes that require group participation – band, or choir, for example – or need physical facilities, such as wood-working. Physical education requirements could generally be met by agreeing to some form of monitored activity – swimming classes at a recreational center, for instance.
Yet a funny thing happened while setting up these distance learning programs. While remote users became enthusiastic participants in this new wave, the largest group of users have been urban or suburban kids who, for one reason or another, didn’t fit well within the school paradigm. In some cases, the people who took advantage of these courses were students who were involved in focused activities that involved travel – talented musicians who were often on the road, dancers, athletes who were often involved in activities at different schools or other events, or those whose family travelled frequently, who took to the distance courses because they were able to learn better around their other activities. In some cases, the students were people who were going through emotional issues at home – a death or divorce, for instance, though increasingly that has made its way up into those students who just couldn’t face the high-pressure world of middle-school or high-school dynamics.
In other words, the kids and teenagers who were taking advantage of these courses just recognized that it gave them an opportunity to learn in the same way that they are increasingly interacting with the rest of the world – through the computer. Teenagers are hard wired to be more alert in the evening, and typically to be sluggish in the morning, yet school as it is set up right now forces them to be capable of handling complex math and science first thing in the day, when they are generally least reponsive to learning much of anything. Then they are forced to take home dozens of pages of homework that will force them to stay up until late in the evening anyway, meaning that by the time they reach the end of the week, they are physically and mentally exhausted.
Distance Learning lets them combine the homework with the schoolwork, so they can practice new concepts when they’re presented, not after the concepts have become hazy after a full day. It moves them away from the tyranny of the timetable so that if they are having trouble learning a concept, they can spend the time they need to master it, rather than stopping abruptly halfway through because they have to move onto their next class. It also means that if they have mastered a concept, they do not have to sit around bored while others are still trying to figure out something.
It also lets them have access to the rest of the Internet to use as a research tool. While traditional academics may shudder at this notion, as a recent controversy at one university showcased when a student was expelled for setting up a study group on Facebook, the reality is that we’re moving past the point at which we need to keep a vast storehouse of information locked up in within our brains. In an era of information ubiquity, many of the skills that are taught in schools are beginning to seem increasingly quaint, and the teachers that are effective are typically the ones that have managed to incorporate this info-sphere in their own teachings. One social studies teacher of my acquaintance in particular has become quite effective at teaching using PowerPoint, Wikipedia, and other multimedia resources, and he goes out of his way to teach children not the history itself (which they can generally look up) but how to research and analyze that history and take from it any lessons that a given period may have to offer.
Distance Learning programs are also becoming more popular for the same reason that telecommuting is becoming popular – school districts are facing increasing prices for gas and food as a typical family is, but multiplied by several thousand. Many school districts are responding to this by cutting down on the routes that their school buses follow (or in some cases eliminating bus systems entirely) forcing parents to take their kids themselves, often, ironically, increasing the total gas use dramatically and certainly causing headaches for parents who have to integrate their kids into their own commuting schedules. Similarly, school cafeteria programs are being scaled back or eliminated entirely because the cost of the food is becoming painfully high. Add into that aging infrastructures for schools, in a time when the population itself is aging (and hence less likely to fund school initiatives if it affects property taxes), and what you have is a recipe for disintegrating school systems.
Given that, the idea of distance learning as an alternative is one that may be popular at the school board level, as in general, you can generally buy a whole lot of educational training and assistance for what it normally costs to move and feed kids. While it does require some retraining on the part of the teachers, they’re also attracted to it because their job frequently involves trying to keep order over thirty to as many as forty kids, many of whom simply do not want to be there – and the same time-shifting that occurs for the students typically occurs for them as well. Indeed, in many cases what ends up happening is that the teachers pre-record certain segments of their lectures (and are increasingly posting them up on YouTube), then set up one-on-one or group chat sessions with the students.
As for the parents in this equation, I’ve often suspected that one of the reasons for the decline in the quality of contemporary education has been the fact that school has become the place where parents warehouse their kids for the day. Home-schooling does require more parental involvement, but in general it is also far easier for those parents to keep a fairly close eye on what their kids are up to in this day and age when the parents are not at home, at least for kids of a certain age. What’s more, schools are in many ways like hospitals – while their ostensible purpose is education, the chance of their kids learning bad habits is far higher in school settings than they generally are at home – and the kids that are trying to be good aren’t distracted by the ones determined to make trouble.
That’s not to say that there aren’t distractions. My eldest daughter has been known to keep a chat window up talking to friends when she should be concentrating on homework, though in fairness to her, what she’s chatting about often involves that same homework, albeit in a rather disconnected fashion:
Kat: I'm :-( ):-\. Zuko shippeded Kataara. Urgh ..
Hey, what's I if volts is 10 and ohms = 3 % (can't write the squiggle for
Kat: Um V =IR so, uhm, I is RV ...
Neechan: No, R over V.
Kat: Oh. Right. :-) .... so 3 divided by 10 - .3. Bad Zuko! ...
Is this bad? No – it’s only different from the way that those of us who grew up pre-Internet see the world. Distance Learning does not change the amount of homework (though I suspect that it cuts down pretty dramatically on the makework that tends to deaden interest in a subject rather than reinforcing the concepts), nor does it change the need for accountability. The kids still need to test, and still need to show that they have learned, but I suspect that their retention rates will likely be considerably higher if they can learn in a way that works well for them.
Long term, I think that this will likely end up deconstructing the traditional school system, though this is a process that will take decades to happen completely. It means, for the aggressive learners, that they could in fact complete a formal curriculum in a fraction of the time necessary, though a good teacher can work with those particular students to provide additional areas of study for them to engage with. It means that slower students can learn at their own pace, and can generally be flagged for additional help if they fall sufficiently behind. Money that school districts save in terms of providing physical infrastructure in transportation can be spent on those activities that do promote socialization – music, art, theatre, sports, civic days, and so forth – and monthly activities that bring students together can keep the bond in place of school as community.
Distributed education is part of the larger process of social redistribution that is occurring because of the Internet. Modern education emerged about the same time that the modern corporation emerged – in the 1930s – during an era when the dominant forces at play involved hierarchies, centralization, consolidation and economies of scale. In this decade, the dominant forces are network related – decentralization, the economies of global localities, the disintermediation of authority and the a shift away from the geographical. Just as these forces are resisted at the corporate level despite the obvious benefits (and just as workers in places that can telecommute are increasingly doing so) , these same forces are resisted at the educational level with much the same results – students (and their parents) are taking advantage of any loophole they can to make it available to their kids because it results in a better education for them).
So far, most educational software is boutiqueware, typically Flash-like applications. This won’t necessarily change moving forward (it is hard in general to make educational software that doesn’t have a strong “games-like” component, and for the most part that game approach makes the educational software far more engaging than it would be otherwise), but one thing that will need to happen as the distributed systems move forward is for the emergence of some kind of general framework for the exchange of educational related information. One particularly promising start in this direction is the development of the Schools Interoperability Framework (SIF) (http://www.sifinfo.org/sif-specification.asp), which is an XML standard most recently updated in March 2008. Its mandate is fairly broad – providing XML schemas for describing grade-books, library services, student information, instructional services and so forth – (see Figure 1. SIF Zone Services).Figure 1. SIF Zone Services.
One of the jobs that the XML community needs to do is to reach out to the developers of educational software and insure that they are aware of the SIF standards, in order to provide better interoperability between their core applications and the growing educational educational noosphere, and to reach out to educators and education IT departments (which are all too typically the math teacher in his spare time) to make them cognizant of these same standards and to help implement solutions around these standards. As more students opt to go “virtual” the ability to maintain consistent, and more important interoperable, records becomes ever more paramount.
Long term, the move towards distributed education will shape society in some very profound ways. The kids going to school in such an environment today are more adept at the art of self-education, are usually more capable at analysis and research, and because they managed to avoid the often harsh emotional trauma of dealing with several hundred other kids of the same age daily, usually have more self-confidence than their school-based peers. They’ll likely have little patience for the Tayloresque approach to college education and will continue their lives in a similar manner by educating themselves within the college’s online environment (and will tend to shun those colleges that don’t offer such services) and when they start coming into the workforce in sufficient numbers, they will reshape the way that organizations are set up. On the flip side, I think this is likely to cause a huge amount of cultural friction between this generation and those educated more traditionally in previous generations, because their respective realities will be very different.
So far, the movement is still just a trickle, but watch this space closely – it will become a flood soon enough – and the bricks in the wall will come tumbling down (to paraphrase Pink Floyd).
I think it’s important—for a lot of reasons—to let people do what they want rather than to try to force people to do what you think is right. Ning is a company that gets it:
In a nutshell, we aren’t pro-porn, but we are pro-freedom.
To prevent porn, you have to take an activist stand against freedom of expression — you have to get in there and judge content, judge people, judge intent, and take action based on your judgments. I would never criticize a company for doing so, but I don’t want to do that, and we as a company don’t want to do that.
We think a better approach is to let people fundamentally do what they want, as long as it isn’t illegal and doesn’t otherwise violate our terms of service.
A heartfelt applause to Marc and everyone at Ning for putting their user’s personal choices ahead of their own. It’s not only good social justice, it’s excellent business.
Marc even provides some history:
From the very beginning of the Internet as a mass medium, porn has been present, and all of the Internet companies that have come before us have had to figure out where they stand.
[D]uring my time at AOL, I was fascinated to see how AOL dealt with porn. AOL had to balance two facts. One, their entire marketing thrust to be a mass market service meant that they had to come across as — and be — highly family-friendly. And in fact, they did a lot of work with parental controls and other features to make sure that families would use AOL safely. But the other fact was that a huge part of AOL’s actual usage all through the 90’s was for adult content — chat rooms, bulletin boards, and all the rest.
In practice, I think they balanced those two facts quite well — AOL could be used as a family-friendly service or as an open environment for people to do whatever they want, and it worked quite well for everyone.
This is a model that Yahoo then followed, and Google more recently.
Yahoo has always had an enormous amount of adult activity and material — some estimates are that as much as half of Yahoo Groups’ activity is adult in nature, for example.
And Google of course famously crawls and serves up search results and images for all kinds of adult topics, among every other topic in the world.
In light of many high-profile anti-porn practices by social networking sites such as MySpace, Facebook, and to a lesser degree, LiveJournal, it’s great to see that at least one company has put its own business ahead of other people’s politics. It’s precisely that sort of thing that’s made Marc an entrepreneurial blockbuster time and time again.
And frankly, I think the social agenda called freedom is just as important.