Dropbox tone-deaf? Hardly

TechDirt has a story calling Dropbox “tone-deaf” for adding Condoleezza Rice to their board of directors, given that she played a central role in creating the surveillance state that we now find ourselves in. (Yesterday Ed Bott said the same on Twitter. I argued with him. A more detailed version of the argument follows.)

Tone-deaf is an interesting idea. Literally it means that someone can’t carry a tune. Using it as a metaphor for a company, I think they’re saying they have an integrity issue. Dropbox seems to be a company we can trust to fight the government on our behalf. Hiring Rice seems contrary to that and to the interests of its users. They aren’t what they say they are, therefore they’re tone-deaf.

But it’s only tone-deaf if you were expecting a different tune. I think it’s refreshingly honest and open. It tells the users that it’s very important for Dropbox to have a way to communicate with governments at a very high level. Someone has to rep the company at meetings that are now taking place regularly where new rules are being created to govern the Internet. Private rules that we may not know anything about.

The net never was as open and liberal as it seemed to us. That’s what we learned from Snowden’s leaks. Every large tech company is quickly becoming part of the governmental structure of the world. Eric Schmidt, for example, travels with a former aide to the US Secretary of State. I’m sure at times when he meets with world leaders he’s carrying messages for our government and vice versa.

That’s the reality. Dropbox could have tried to hide it from users, but they chose not to. That appears to be in harmony with other tech companies. We may not like the song they’re singing, but it’s not tone-deaf.

Posted in Uncategorized | Leave a comment

Secret may be the next thing

Twitter and Facebook

Twitter and Facebook are part of my “rotation.” When I take a break from work, I go to each to see what’s up. It’s a habit, like checking email was a decade ago. I check even though there’s usually not much there of interest.

I don’t have any early-days memories of Facebook, because I wasn’t part of its early adopter crowd. But I was there for the beginning of Twitter. And I remember what an eye-opening experience it was. All of a sudden the lives of the people I related to on the web were opening up to me. I could see where people go, even learn about their families. But then the experience got diluted, as I followed more people, and more people, strangers, talked to me as I tweeted. The experience re-formed into a sort of social media haze, people promoting this and that. Although we don’t call it spam, that’s really what most of what’s on Twitter is.


I tried Napster in the winter of 2000, found nothing there of interest, but I was looking for a specific song on June 18. Father and Son, by Cat Stevens. (It was Father’s Day.) I had just heard it on the radio, and wanted to hear it again. Back then, if you can believe it, this was a problem. Unless I had a song in my personal collection of CDs I had bought at a record store, the best I could do was wait until it came on the radio again. Then I had a thought — maybe it’s on Napster. It was. That, and everything else. In the period between my first and second visits, the system had boomed with people of my age, and now our music was there too. It was an amazing experience to be able to browse old tunes the way I browsed the web. I wrote about it, a lot. The experience of music had been transformed. People were talking about music in the supermarket and airports! This was new.

Father and Son still reaches inside me to find the confusion that reigned between my father and myself when I was younger. I’m 58 now, but the Dave-of-17 is still very much alive inside, and is moved by that song. “From the moment I could talk I was ordered to listen.” That’s the power of a new medium, in this case, Napster.


Now it may be Secret’s turn. True, there’s no API, and no web client. It’s not politically correct. It’s possible that there can’t be an API for a service that tries to deliver anonymity. I don’t know. All that said, I’m having the kind of experience with it that I had in the early days of Napster and Twitter. I’m learning things, meeting people and hearing things from them they could never say if we knew who they are. Sure there’s a lot of the first time thrills that come from saying nasty shit about people we all know. I’ve even read nasty shit about me. Big deal. The first time people used SimCity they destroyed the built-in cities. That’s fun for an hour or so, then you try building a city, and that was fun (for me at least) for years.

Secret is not in my rotation yet, I have to remember to check it. But when I do, it gives me lots to ponder, makes me want to ask questions, and gets me thinking about who else is in this world, and how different some of them are from me. Sure the stories are probably mostly fiction, but this is what people dream about — their fantasies. Who they would like to be. They do something no one can afford to do on their blog or on Twitter or Facebook, they show vulnerability. And that’s interesting, and in Internet communities, new.

PS: There are cats all over this piece. The logo of both Secret and Napster are cats. And Cat Stevens wrote the song that got me into Napster.

Posted in Uncategorized | Leave a comment

Question for Mac devs re Heartbleed

I’ve been writing about Heartbleed on the home page of Scripting News today.

I have a question for Mac developers. If you are creating an app that uses SSL, do you implement it yourself or do you call a system routine?

I’m sure you see what I’m getting at. If you’re a developer that depends on an operating system vendor’s implementation of SSL, and they’re taking time to update it, does that leave your services open?

I’m asking about the Mac because I use Macs. I’m wondering for example if Dropbox has a security issue because the Mac has one. And Chrome, and whatever else I’m using that communicates securely with a server.

I’m also guessing that Google has their systems secured because they were the ones who initially reported the vulnerability.

Posted in Uncategorized | Leave a comment

Heartbleed is serious

I’m not waiting for various businesses to contact me, I’m contacting them asking if they’re vulnerable and if so what’s the plan.

Changing your password is not a fix. Every site that is using a version of OpenSSL that has the bug has to be updated or patched. Obviously, the sooner the better.

Technical details here including the C code for the bug and the fix.

So far I’ve only heard from only a couple of very seriously technical sites, pubnub.com and oauth.io. It’s not clear if credit card companies, online stores like Amazon, banks and brokerage firms, are vulnerable, and if so how quickly they’re installing the patched software. We’re in that awful period where the vulnerability has been fully documented publicly. No one knows if any hackers were aware of the problem before it was discovered, but there is no doubt the bad guys know about it now.

This is one of the reasons why the Internet of Things hype is so scary. Right now, in 2014, our entire financial system is accessible through a compromised system. That’s bad enough. But what happens when our bodies are wired to the net. And our cars, homes, everything. It’s great to think about when everything is working and everyone plays nice. But if you know anything about software and networks you know that’s a naive dream.

Posted in Uncategorized | Leave a comment

New pubs: Send us your feeds

There are a lot of new well-financed news hubs starting up. I have a suggestion on how to increase your flow, and overcome at least some of the barriers to entry erected by your more-established competition.

  1. Identify people on the web who are influential linkers.

  2. For each, recommend a set of feeds they should follow on your new site.

  3. Make the approach carefully, as you would with a PR campaign.

The reason is one that’s often overlooked. While RSS isn’t “mainstream” the people who push links through the main stream do use RSS to keep up to date. I am one of them. I have feeds already for all your competitors. It’s good for you if I add your feeds to my flow, I can’t link to your great stuff if I don’t know about it.

I know this is selfish. I want you to do my work for me. But they’re your links, your stories, and you have a hill to climb, and I’m happy to help if you meet me half-way.



Posted in Uncategorized | Leave a comment

Ideas for Google Glass

A couple of ideas, probably not even close to original, but I wanted to get them down.

  1. I go for a walk every day, or try to — and I usually take a podcast with me. This American Life, Planet Money, something from the New Yorker, or the NY Times. I’d like to take an episode of Nurse Jackie with me, a TV show. It seems like it would be a perfect application for GG. I could keep my eyes focused both on the show and where I’m walking. (I hope!)

  2. Scoble got a new toy — a drone with a beautiful video camera. While the drone is flying, you can watch it on your iPhone. But wouldn’t it work much better with GG? I want to use my hands to control the drone, and the effect of having my vision being directly wired to the “vision” of the drone would probably be amazing. Esp if it were 3D (which suggests using something like Oculus). It might give you a real sense that you’re flying.

Posted in Uncategorized | Leave a comment

What’s the cost of failure?

You could spend months or years to know that your approach is correct before trying it. If the cost of failure is high, say you’re firing a rocket into space, then you want to put enough time into being sure you’re right. But if it doesn’t take long, and it’s easy to revert, why not try it and see what happens?

I do this in programming all the time. Whether something works or not is data. I don’t like to leave a solution in place that I don’t understand, so I will usually do the work to know it’s correct. But it’s easier, less stressful, and takes less time if you already know it works.

And of course if it doesn’t work, that’s data too.

Posted in Uncategorized | Leave a comment