How Will Device Fingerprinting Fare Against “Do Not Track”?

I linked to the preliminary report on privacy released by the FTC yesterday. Chief among their suggestions is a lightweight Do Not Track system based on browser headers, a scheme that is technically sound but raises questions about compliance and complaint.

More concerning is this Wall Street Journal posting about an outfit, BlueCava, looking to assemble a massive database of unique identifiable networked devices.

He’s off to a good start. So far, Mr. Norris’s start-up company, BlueCava Inc., has identified 200 million devices. By the end of next year, BlueCava says it expects to have cataloged one billion of the world’s estimated 10 billion devices.

Advertisers no longer want to just buy ads. They want to buy access to specific people. So, Mr. Norris is building a “credit bureau for devices” in which every computer or cellphone will have a “reputation” based on its user’s online behavior, shopping habits and demographics. He plans to sell this information to advertisers willing to pay top dollar for granular data about people’s interests and activities.

This is entirely continuous with EFF’s research into browser fingerprinting and sustains Professor Ed Felten’s warnings about going after mere tracking cookies too zealously. Nothing about the fingerprinting is necessarily incompatible with the proposed Do Not Track system. The article merely raises the urgency in answer questions around how to determine whether an advertiser is honoring the DNT header and how to enforce an action against them.

Race Is On to ‘Fingerprint’ Phones, PCs, Wall Street Journal (via Hacker News)

Facebook, AOL’s E-meh-l Initiatives

You know what would be truly valuable? A highly scalable email provider in the cloud that encrypted your stored mail so only you could read it. I’d be at least as much as I already do for my virtual private server for a secure, private solution that I don’t have to administer. Instead we are getting a couple of attempts at re-inventing email supposedly to make it simpler or better.

AOL (remember them?) is desperately trying to offer something of relevance with their attempt at email aggregation. I am not so sure I buy the argument that setting up email forwarding is all that hard. According to Verne G. Kopytoff at the New York Times, the promise of Project Phoenix is to pull all your email to one place, on their servers, of course. Reading the article, it sounds like a conservation of hassle compared to using existing means to re-direct your email.

It doesn’t stop there, but also includes add ons clearly aimed at the upcoming generation that has been oft quoted as finding email irrelevant.

Users can use it to send a text message, an AIM instant message, a text-only e-mail or a status update through AOL Lifestream, which allows users to broadcast messages to various services like Twitter and Facebook. The idea is to give users the ability to send off messages quickly without having to click through to another page to write.

These non-email messaging capabilities overlap very strongly with a new messaging initiative with the considerably more relevant social network service, Facebook. Among others, Robert Pegoraro, veteran techie at the Washington Post, has the details of what Facebook is claim is not an email service. You can set up your name at the domain and receive traditional email. It would be more fair to say it is not only email but like Project Phoenix is seeking to blend email with IM and synchronous chat.

Allow me to indulge my inner crank and let loose a resounding, meh. By blending quick, synchronous communication in with email’s staid bastion of asynchrony, both AOL and Facebook are obliterating the value inherent in being able to ignore and defer conversations. Are young users so incapable of using existing chat and instant messaging that we have to fuse them with the email services they claim not to use anyway? Must I now increasingly have to put up with the stunted, interrupt driven style of communication fostered by chat and IM? I find it very hard to believe that the youngest generation are incapable of appreciating the differences and values arising from them inherent in old and new messaging systems.

Of course, the real motive of both online companies is to capture more use through their own systems for the purposes of extracting value, usually through various kinds of advertising. Lauren Weinstein is already calling attention to the darker current underlying Facebook’s new service, namely the inability to use it and keep correspondences entirely private. I only hope that these latest attempts are as jarring and useless as Wave was to kill them before they rob me of my own preferred communication channel, email. Or, in other words–Hey! You kids! Get off of my lawn!

feeds | grep links > Kickstarter for Interactive Fiction, Microsoft Response to Open Kinect, Another Computer Built in Minecraft, and More

feeds | grep links > Wikia 2.0, Google-Facebook Hissy Fit, and More

  • One next step in the wiki’s evolution merges in the social
    As Mike Melanson at ReadWriteWeb explains, this announcement for Wikipedia founder, Jimmy Wales, reveals what is coming for his commercial venture, Wikia. I am relieved that similar plans are not in the offing for Wikipedia itself. Given how Wikia has struggled to gain traction, with a rising tide of me-too services further diluting the field, embracing social features may yield a needed shot in the arm.
  • Google-Facebook hissy fit over data portability
    Mike Melanson at ReadWriteWeb has the latest turn in a largely tiresome spat between the two web giants. I think Google’s competitive zeal against Facebook is clouding their better judgment, though the messaging is pretty funny. Rather than enlisting users or sprinkling code-based caltraps, I really think Google should stick to the ideal that informs their internal Data Liberation Front. Sinking to Facebook’s level is just going to prolong the delay before data portability wins out.
  • Citizen Lab develops project to map out RIM’s concessions to government, Citizen Lab
  • European commissioner lambasts copyright middlemen, TorrentFreak

feeds | grep links > Another Social Browser, Possible Future of Location Apps, Thousands of Stored Body Scans and More

  • Yet another social browser
    Not being a particular fan of Flock, I was going to refrain from comment on RockMelt, a me-too social focused browser-remix. I couldn’t pass up the opportunity to link to Glenn Fleishman’s discussion at BoingBoing of the new offering backed by Marc Andreessen of Netscape fame, among others. The over the top opening paragraph alone is worth reading Glenn’s post. He also works in mentions of Freedom, a tool designed to deprive you of network access to encourage real work, if that helps you understand from where his remarks are coming.
  • Possible future for location based apps from PARC
    Richard MacManus at ReadWriteWeb discusses a prototype app that better fits what I discussed as the potential of location applications in the latest podcast. It isn’t surprising that this example of ubiquitous computing comes from PARC, responsible for so many other innovations in the field of computing.
  • Feds admit to storing tens of thousands of body scan images
    Xeni at BoingBoing was one of several folks to link to this story. The CNet article freely mixes and matches information from different sources, exaggerating the situation somewhat. Given the cited releases, this story is also not exactly breaking news though perhaps not common knowledge. It does correctly identify the key concern throughout that the scanners can store and transmit scans opening the door for all kinds of problems beyond the scope of their immediate security applications.
  • Yet another spawn of Java trying to fix its ills is released, Slashdot
  • Self repair manifesto, BoingBoing
  • Crowdsourcing surveillance, Schneier on Security

Is a Right to be Forgotten Enough?

Slashdot links to a PC Pro article discussing a move by the commission to give more power to consumers. What amounts to a plan for new legislation next year may be a mixed blessing. Users would gain more control over their data, including the right to have it deleted, while at the same time decreasing friction for the flow of personal data through the markets. The latter would seem to increase pressure on advertisers to acquired the necessary informed consent and raise barriers to executing deletion, or forgetting, requests.

There is no mention of accountability or enforceability, aspects of the plan that will have to be addressed for it to have a hope of making a difference. Sadly, I think the inclusion of a right to be forgotten implies that the balance will still tilt towards too much collection.

EU Commission Says People Have a ‘Right To Be Forgotten’ Online, Slashdot

feeds | grep links > Holographic Video Displays, Univac’s Electoral Prediction, Patent Database is Up and Running, and More

  • First glimmerings of holographic video displays
    John Timmer at Ars Technica discusses some pretty impressive research considering how little holography has advanced for anything other than trivial applications. The system these researchers are building may seem crude but most of the equipment being used, including the network connection, are pretty close to consumer grade. The potential is enormous though I have to imagine free standing holography is a further horizon beyond these re-writing but otherwise fairly constrained displays.
  • History of computing and elections from 1952
    Wired has re-printed an article from around the time of the last US elections by Randy Alfred. In it, he explains how Univac, one of the earliest computers, was tasked with predicting the presidential election in 1952. The forecast put together by the machines and its operators was remarkably accurate but the TV folks they initially approached were too skeptical to air it at the time, only admitting to discounting the computer’s results well after they were obviously correct.
  • Patent database is up and running
    Rogue archivist, Carl Malamud, has the good news at O’Reilly Radar. The joint effort between the USPTO, the White House and Jon Orwant at Google has resulted in a new, open database that supplants feeds that formerly required substantial subscription feeds. As Carl explains, this was no easy chore given vested interests in the revenue streams from the old, closed system. A huge win for restoring a critical piece of our informational commons here in the US.
  • Five years of Linux kernel benchmarks, Slashdot
  • Group trying to get back scatter airport scanners banned, Techdirt
  • Google and Facebook to face tougher EU privacy rules, Reuters, via Groklaw
  • New beta of Firefox 4 mobile released, Mozilla, via Hacker News

Adding Emotional Analysis Alongside Anti-Camcording Tools

Ernesto at TorrentFreak has a disturbing glimpse of a second order effect of the push to fight camcorder piracy in cinemas. He rattles off a litany of techniques already in use, many quite obnoxious. One vendor of current technologies, Aralia Systems, is partnering with academics at the University of West England not only to advance their tools but to potentially branch into marketing.

According to Dr. Farooq [project leader from the Machine Vision Lab at UWE] the project should make it possible to record and analyze the public’s emotions. These emotions will not be used to track down camcording pirates, but will serve as a market research tool for the movie industry and advertisers.

Ernesto aptly raises the question of consent. That is certainly a difficult line to draw as it is unclear how it differs from a market researcher attending a showing incognito and using human discretion to make the same kinds of emotional observations. I suspect that the difference lies in the scale of data that an automated solution can capture and how the lowered cost of integrating and analyzing it changes our expectations of privacy in a traditionally semi-public space. On the other hand, one does have to wonder what potential their is to game emotional recognition to humorous or even privacy preserving effect.

Despite assurances to the contrary, I am still concerned at abuses besides privacy. Emotional recognition seems to border on divining intent. Some clueless theater chain, cinema manager, or movie studio is undoubtedly going to push using this capability, just because it exists, to fight piracy. That’s the problem, regardless of Ariala’s intentions for the technology, they aren’t the ones who will shape its actual use.

Anti-Piracy Tool For Cinemas Will Recognize Emotions, TorrentFreak

feeds | grep links > USB Dead Drops, Mobile Mesh for Telephony, Facebook Bans Apps that Sold User Data, and More

  • USB dead drops, embedding the dark net in architecture
    Slashdot and BoingBoing covered this project by Aram Bartholl over the weekend. He’s cemented USB sticks into walls and other fixtures at a handful of locations, with plans to set up more such dead drops. The idea is that rather than passing storage containers hand to hand, file shares can simply plug in and copy onto and from the drives what they want. The project seems more like an art installation than an IT effort, a way of weaving asynchronous, anonymous sharing into public spaces.
  • Mobile mesh for wireless telephony
    Duncan Geere cross posted this article to Wired and Ars Technica, it is about research that really is quite similar to other mesh network plans about which I’ve read. Why not make the cutely named body-to-body connections simply provide IP protocol carriage with telephony being just one application carried? I would think the growth of smart phones is what is crushing networks more so than mere phone calls. It will be interesting to see if this work which was done at Queen’s University in Belfast can make better progress on the challenges of making a mobile device based mesh as good as or better than the fixed mobile networks we have now.
  • Facebook bans apps that sold user info to data brokers
    Sarah Perez at ReadWriteWeb has the details of some positive privacy news from the dominant social network. I do wonder if this practice would have persisted if the Wall Street Journal had not exposed it, though. Also, why isn’t Facebook built in such a way to make this sort of thing much more difficult, if not outright impossible?
  • Users sue Google, Facebook, Synga over privacy , Slashdot
  • Justice department rules isolate gene sequences should not be patentable, Techdirt
  • Google sues US government for only considering Microsoft solutions, Techdirt
  • Researchers claim better quantum tunneling, EE Times