Filed under Internet

Aug 19 2011
1 Comment
Biology, Hardware, Internet, Software

The operating system for your brain

Last Friday I finished my summer internship at GrammaTech. A few days before that (I forget when exactly) the discussion on our IRC channel turned to cybernetic implants. We’re a company full of pretty hardcore software types, what do you expect? Though to be honest, I was the chief instigator. Anyways, the conversation quickly moved to the question of securing such implants. The questions raised are summarized by one coworker’s comment: “Which software vendor do you trust to write the operating system for your brain?” Given that regular implant technology probably isn’t too far in the future, the question is a valid one. For now my answer is: no one.

Let’s be honest: most of our computer systems are hopelessly insecure. And making them insecure isn’t as simple as installing antivirus software from a big vendor. Depending on just how secure you need or want to be, you potentially have to go very, very deep. In a lot of cases the trouble is not worth it. Want to take down my VPS running my personal website and storing my Git repos? Go ahead, it’ll take me all of five minutes to shut it down and spin it back up, maybe half an hour to restore everything. That’s far easier to do than statically analyzing every line of the Linux kernel, the GNU utilities and the web stack for vulnerabilities (and then fixing them without introducing new ones or breaking things). This is not to say that these aren’t worthwhile, important activities, they’re just not top priority for most users.

However, it’s another matter entirely when the systems are mission critical — banks, defense, the Internet backbone – or they’re running inside our body. Coming back to the original problem, medical technology is quickly progressing to the point of us having fully functional implants replacing faulty organs. Insulin pumps are just the start. Cochlear implants and artificial limbs have been around for a while. Bionic eyes are slowing pushing forward and real cyborgs exist. We’re not going to see full cyberbrains just yet and we’re definitely not throwing out the wetware for full synthetic bodies. But as the number of computers inside our bodies gradually increases it’s never too early to start thinking about how we’re going to keep them safe, especially if we want them connected to the Internet (and we will).

Having our implants connected to the Net is a matter of convenience as well as health and safety. Real-time monitoring, remote diagnostics and over-the-air software updates would greatly cut down on the amount of time you spend in your doctors’ waiting room. However, if you want your arm or eyes hooked up to the Internet you definitely want to be careful about who can connect to them. Asymmetric encryption and signing for all communications (especially updates) would be necessary, just for starters. I can see some kind of code-signing for the software itself being beneficial. But it raises of the question of whether the user can/should be able to hack their own organs. I really don’t want to jailbreak a critical organ if there is a possibility of bricking it. But at the same time I do have a right to my own bodyparts, biological or synthetic.

Aside: I wonder why cars don’t come with 3G connections for remote software upgrades. If the Kindle can do it, it can’t be that hard. Then again car manufacturers haven’t exactly been the most innovative and forward thinking in recent years. Maybe I should be talking to Elon Musk.

Even if the proper technical measures are in place, there is still the question of just who do we trust to provide and potentially control our body parts. I don’t mind Apple storing my music and Amazon can store and sync my books. I do mind them locking me in, which is why I’m still hesitant to go completely digital. But do I trust either of them (or any for-profit corporate entity) with my vital organs, or even non-vital ones? Furthermore do they get keys to shut down “malfunctioning” organs, for some definition of “malfunctioning”? What safeguards are in place to prevent them for misusing these keys? Given the life-threatening nature that such shutdowns might have, requiring a complex legal procedure to overturn shutdowns is dangerous and ethically negligent.

When implants start becoming mainstream and popular we’re going to start seeing issues and problems similar to the ones with computer systems. There are always going to be people who want differing degrees of control over their technology, whether that technology be cars, computers or prosthetics. It would be interesting to see something like a “homebrew” implant scene come up, though I doubt it would rival the popularity of the homebrew computer scene. Like many important problems the questions are both technical and social in nature. So, who do you trust to write the operating system for your brain?

Tagged , ,
Jul 29 2011
Leave a comment
Internet, Programming, Writing

Let’s kill Click Here

Click here to go to my last post.

Let’s stop doing that. As much as I love hyperlinks and the Web, I think it’s a bit unnecessary (and poor form) to have explicit link text saying something like “click here”. If you’re not really interested in the links these phrases just break the flow of your reading.

I’m not sure how this convention started, but I can imagine it being useful in the early days of the web. Before the idea of linking became ubiquitous it was a good idea to explicitly call out a link, especially if it was important. But I think we’re at the point now where most users can tell from the styling if a certain piece of text is a link. Think of how the movie Inception didn’t go to lengths to explain how people to get into others’ dreams – the Matrix movies have made the concept of “jacking in” pretty ubiquitous. The details aren’t very relevant to the story, the basic concept is well-known and movie makers can focus on more important things.

By and large the web conventions of the last two decades have established that underlined text in a different color is a link. This isn’t universally true of course. Thanks to CSS I can make my links look however I want, I can even make them look like plain text. But why would I want to? If I’m trying to attract attention to something, I want to do it clearly without being obnoxious. Using different colors and styles gets the point across perfectly well: this text is different and merits further attention, you might want to click on it.

Let’s look at natural speech. If we want to say something important we don’t preface it with “I’m going to say something important now”. We don’t end with “I’m done saying important things now”. Instead we speaker slower, louder, with greater emphasis in order to show what we’re saying is important. We don’t talk in a monotone all the time. We vary our tone, speed and volume to convey the different meanings of our speech. Web design (including designing links) should be similar: let’s put in the effort to make our links stand out without having to spell them out.

Aside: Along those lines, in daily speech if you’re saying “My point is” or “What I’m trying to say is” a lot, you should slow down and think carefully about what you want to say before you say it. I think public speaking and rhetoric should be a mandatory part of education for similar reasons, but that’s a whole other blog post.

I’ve been putting more links in my posts recently (especially since I ditched the WordPress web editor in favor of the excellent org2blog Emacs mode). My posts are often the result of stuff I’ve read on the Web fermenting in my head along with other ideas I’ve had. I want to link to relevant readings and I try to do that inline as much as possible. In an ideal world, we would have intelligent, automatically generated links as well as manual ones. For example, whenever I mentioned a person there would be a link created either to their personal website or their Wikipedia page. Lacking that, inline links is the next best thing I can think of. In doing so I’ve been trying to avoid making said links explicit. So far I’ve been pretty successful, it’s not that hard once you get used to it.

As with all communication there’s a lot to be said for brevity, precision and flow. I want my posts to be readable as pieces of writing even if someone is not interested in the links. By keeping links inline and using design choices to making them visible I think we can create online articles that are easy to read as well as being well linked to relevant resources – just the way it was meant to be.

Tagged ,
Jul 25 2011
2 Comments
Internet, Productivity

Control the flow

There is an abundance of information in the world. You might even say there is an overabundance of information. I’d argue that the problem is not that the information exists, but rather it’s all too easy to get to. In fact, you don’t even have to go to it. Information comes to you, all the time, through multiple channels at once. And often it’s just too much. Compounding this problem is the lack of automated, intelligent and accurate filtering systems. The only way to deal with incoming information is to manually look at it and set up filtering systems by hand. Combine the abundant influx of information and the lack of ways to automatically parse and filter said information and you end up with a debilitating information overload.

If we ever want to get anything done, there is only so much time we can spend each day on absorbing information. To create, design, build or produce anything of value we need to temporarily cut ourselves off from the stream. Unfortunately the increasingly ubiquitous presence of the Internet combined with email, RSS and Twitter make such disconnection a hard proposition to swallow. For me at least, the temptation is strong to just compulsively check the streams all day long. It’s like constantly refreshing an inbox, but more addictive because everything is coming in faster. Furthermore, the addiction is real. Our information streams leverage variable reinforcement to keep us hooked. Every time there is something new we get a little dopamine high that makes us want to come back for more.

The price we pay, the price I pay, for paying attention to the stream is all the things that could have been created, but aren’t. And as the days go by, that price only gets steeper. You can’t have a brain concentrating on creative work if it’s hovering over multiple inboxes, hoping that something interesting will come through. Something’s got to give. At the end of the day we either give up hope of ever accomplishing anything worthwhile (and many of us do) or we constrict the streams, control the flow, reduce the inboxes and do the work.

We could go all the way – give up email, connect to the Internet sparingly, focus inward instead of outward. But let’s be clear: the Internet is pretty darn amazing and I love having the combined knowledge of humanity a few keystrokes away. You can have the information superhighway when you pry it from my cold, dead, RSI-crippled hands. Till then, a little prudence is in order.

I’m giving up on blogs and RSS feeds that refresh more than once a day (with a few, very select exceptions). That cuts away most of the “news” blogs that I skip over anyway. I want to read things where I get a view of author’s mind and thoughts, the expression and intelligence of another human being. I want their words to come to me, because I’ve already read some of them and determined that I don’t want to miss them. If I want raw information, I’ll go and find it. I’ll read when I want to, at the end of a long, fruitful day, on a lazy Saturday morning, not compulsively every hour in fear of missing something.

I’m giving up on all the blogs that sound the same (this seems true of a lot of technology blogs unfortunately). It’s great that the Internet gives you a voice, that doesn’t mean I’m obliged to listen to it. Twitter is a flowing, meandering river – it comes, it goes, if I’m taking a dip it’s to be refreshed, not to be carried away. If I find a nugget of gold I stash it in Instapaper for later. I already have automated filters for email. I see messages on two conditions — they are urgent or they are unlike anything my system has seen so far. It’s not a personal AI, but it’ll do for now.

This mindset also extends to production: I write words in a plain text editor, publishing by automated, low-friction, no-fiddle means. The system is open-source, programmable, transferable between platforms. I can have it grow with me, I can file bug reports and submit patches so that it becomes better for others too. I write code in the same editor, hooked up to compilers, debuggers and source-code managers with similar low-friction scripts and commands. Nary a clickable button in sight. For hashing out ideas I rely on pen, paper, whiteboards and intelligent human beings. This means I have time and opportunity to slow down, reflect and revise. Everytime I put up something for others to see I want to ensure that it sucks a little less.

And so I am trying to constrict the inflow and filter the outflow. Never before in our history has it been easy to get to things. Never before has it been so easy to create and publish. A side-effect is that there is a lot of crap to consume, it’s so easy to produce mediocre widgets. It’s about time we stopped sabotaging ourselves (and by we, I mean I), stopped drowning in the sea of information, started doing things we’d be proud to have our names on. We’ve figured out the technology to create, let’s figure out how to filter and refine.

Tagged , ,
Jul 12 2011
2 Comments
Education, Hardware, Internet, News, Productivity, Software

The Age of the Maker is here

Last week a friend sent me a link to the world’s first sub-$1000 PCR machine. PCR stands for Polymerase Chain Reaction, it’s a method of replicating a section of DNA it billions of times. This means you can now study the building blocks of life to your hearts content, in your basement, for less than the price of a top-of-the-line computer. As the announcement says: DNA is now DIY.

OpenPCR joins a list of recent technological milestones including 3D printing, cheap embedded microcontrollers, ubiquitous computing and broadband Internet connections. The technological scene is supported by social phenomena like the open source movement, coworking and hacker spaces and organizations like Kiva and Kickstarter. The rise of increasingly powerful DIY technology and the surrounding social systems is pushing us toward what can best be described as the Age of the Maker.

Going from idea or innovation to self-sustaining product doesn’t require large factories or upfront investments anymore. As projects like OpenPCR and Coffee Joulies show it’s feasible to create a truly novel, popular product combining nothing more than talented, hard-working creators and willing customers. I’d like to believe that this is the beginning of a new industrial age, one that produces a similar improvement in the quality of human life without many of the bad side-effects of the last one. This revolution focuses on the individual and the small team rather on the factory. Sure, there are businesses and there is manufacturing, but the point of it all is not just profit. Profit is important, but a lot of people and groups I just mentioned are doing it largely because it’s fun and exciting.

Technology and the means of production are becoming increasingly democratic. What can be accomplished by small groups of focussed individuals leveraging modern technology is truly amazing. The software industry has already shown that small groups of people can create products and services that change the world. Today’s generation of makers and hackers are taking that a step further – showing that such world changing innovation doesn’t have to be limited to software.

I’m not an economist, but I’d argue that in many ways we’re seeing a reinvention of capitalism. Financial capital doesn’t have to be concentrated in the hands of a few – it can be widely distributed among the masses – millions of customers around the world. What is needed are people with ideas and skills that can bring that capital together just-in-time to create a product – the makers. And we now have the services required to bring the capital in (the Internet, Kickstarter, Kiva) and the cheap infrastructure needed to get the product out (UPS, FedEx, etc.). With OpenPCR, Arduinos, 3D printers and the we’re democratizing and distributing the means of production.

If you’re someone who likes building cool, interesting things there has never been a better time to be alive. The Industrial Revolution brought about mass production and cheap commoditized goods. But it also decimated independent artisans and craftsmen. Today we’re just getting ready to put all the manufacturing power of modern industrializaton back in the hands of individuals with ideas and skills. With today’s technology Leonardo da Vinci may have been able to build his flying machines.

What have you made today?

Jul 08 2011
Leave a comment
Internet, Software

The cloud is not secure

We’re getting closer and closer to an age where our data is separate from the machines that we use to manipulate and interact with it. A stepping stone to that future is the “cloud” – a remote, server-based repository of your information that can be accessed by a variety of applications and interfaces. In some ways the cloud has been around since the beginning of computing (dumb terminals plugging into mainframes) but the new, shiny, consumer cloud is both similar and indifferent. And there are many incarnations.

Apple’s iCloud is a complex, powerful solution for remotely storing your data and making it accessible to your apps whether on any of your devices. A simpler solution is Dropbox which syncs your files between devices (and offers a decent web interface). In recent weeks Dropbox has become quite controversial. Dropbox had a serious security breach that allowed people to log into any account using any password. It was a very serious flaw and a serious oversight on Dropbox’s part. They’re currently being sued over the matter. More recently they made an important addition to their terms of service which gives them broad-reaching rights over your data. However they have made efforts to make it clear that they have no interests in rights greater than what they need to run the service.

While services like Dropbox are great and convenient (and probably have the user’s best interest at heart) one thing needs to be made very clear: The cloud is not secure. Having a strong password is no guarantee of security. Putting copyright licenses on your work is no guarantee of security if the TOS give the hosting company rights to it. It is safest to assume that at some point in the near future any data you keep on a cloud storage service can and will be compromised. Under “compromise” I include perfectly legal government seizures as well.

The only data that I put in Dropbox is stuff that I will be making public anyways – copies of school projects, essays or reports that I intend for people to see and distribute. I would never put anything I consider even remotely private in the hands of a service like Dropbox. You should only put private, personal data in the cloud if you first encrypt it locally with a proven encryption algorithm and the encryption algorithm is implemented by an open source, trusted piece of software. The open source is important otherwise there is no way to know that there isn’t a backdoor of some sort. To access the data you should download the encrypted version and then decrypt locally. Anything unencrypted that goes over the wire (or the air) is probably wide open to the world to see. For most people this already includes their email and Facebook data.

I keep my online backups in an encrypted Amazon S3 bucket. I also keep some code on a remote server and make sure to connect over SSH. However, I also don’t keep things like passwords, PINs and account numbers in any written form. The only really secure data is data that doesn’t exist. That being said, modern encryption techniques are still a pretty good defense in most cases. In this age of the cloud you should keep in mind that any data you put unencrypted on someone else’s servers (whether they be files in Dropbox or photos on Facebook) is essentially public.

Tagged , , , ,
Older posts
Newer posts
Follow

Get every new post delivered to your Inbox.

Join 287 other followers