Security or Identity?

William Adams talks about locks, badges, passwords, and other security devices that help him sleep. It’s a really interesting read, and is a perfect example of the mind state of someone who is off-the-scale ‘N’ Meyers-Briggs type (NT or NF I cannot decide). People who take personality tests on the Internet score ‘N’ more frequently than normal people do, but I believe that this is as much the result of self-scoring as a matter of fact. Many people consider themselves to be much more ‘iNtuitive’ than they actually are. William is a useful yardstick against which to guage how ‘N’ you really are.

Anyway, I have a bit of a different opinion about all of these security devices. When you think about it, all of these things are simply surrogates for your identity. They are stand-ins for who you are.

To prove that you are the person permitted to enter the house, you have a key. To cause the alarm system to trust you, you depend on a numeric code. To prove that you are permitted to withdraw money from your bank account, you provide a PIN and card. To get your office building to let you through the door, your face is no good, it only trusts your magnetic swipe card.

Now, the problem here is that our creations exist to serve us, not the other way around. Think of what happens when a four-star general enters a room of lieutenants. They salute; no questions asked. None of this ?Sir, please provide me your papers, and your six-digit PIN, to prove that you are really the General?. I want to be a four-star general to my car; it belongs to me! When I tell it to drive, it should just say ?where to, sir??; no questions asked. Instead it demands a key. Who’s giving the orders here?!?

I’m insulted every time I have to swipe my badge to get into the building — how many times have I been through that same door, and yet it still fails to recognize me? It places more priority on a little piece of magnetized plastic than it does on me! The disrespect never gets easier to handle; I sometimes feel like screaming at the door ?Don’t you know who I am!!?. But yet it sits there passively, stupidly, blinking at me with that one ignorant red light.

And worse; these tokens can lie. Now I have to lay awake, worried that someone might steal my identity. I’ve already had this happen numerous times. If someone takes my car key, they can rack up speeding tickets in my name and wear my dry cleaning around the town. Entire networks of scoundrels exist who band together to take posession of your more valuable identity tokens, such as credit card numbers, social security numbers, and bank account numbers. If you use any of these tokens of identity, there is a very good chance that at least some of them have been 0wned, and a slightly smaller chance that they’ve been used to lie and perhaps even steal your posessions. And even if your tokens aren’t stolen, it’s still very easy to lose your badge and end up relying on the good graces of strangers to let you into your building (your own building!).

If you think about it, no human being in his right mind would willfully consent to being shackled by such inept surrogates of identity. Our great grandfathers relied only on their good names, and did just fine. So why is it that we are buried beneath ever-greater numbers of identity tokens, gamer tags, PIN numbers,stock trade record numbers, phone card numbers?Only bankers or sophisticated criminal syndicates could be expected to keep track of this much complexity!! And maybe that’s the idea. It takes away the hard work of managing our own lives — the banks will simply tell us what ourbumbling golems have purchased (whether we remember it or not), and all we have to do is pay the bill. Now if only I could get my badge to write specs for me…

Famous for Customer Service

Only days after Gillmor pleads with us to stop blocking RSS adoption, and already Microsoft has responded by syndicating Dare Obasanjo’s blog via RSS directly into the home page of the MSDN XML Dev Center. Tell me what other BigCo listens like that? And I just saw something RSS-related that Ciam Sawyer is working on on behalf of the empire, and I think it’s really going to please Gillmor.

Also check out Mark Fussell’s article on the new features in System.Xml for v2. Working on a product team at MSFT is difficult, because you spend more than half your time fighting for features that never make it into the next release. But when he writes down the list of things that made it like this, it’s not so bad. Note, however, the class named XPathEditableNavigator — the name is an abomination, and if you want to get it changed in time for RTM, you will need to e-mail Mark and ask him to change it. (for the humor-impaired, that’s a joke, the name is being changed)

Green Village and Missing Scoble

How crazy is this? Last night we decided on a whim to head to Vancouver to pick up some stinky herbs from Tong Ren Tang (no 3 north of Westminster in Richmond). I immediately thought of one of our favorite bloggers up there, and although I knew his wife was nearing her due date, I sent Roland Tanglao a note to see if he wanted to get lunch. Well, it turns out that his wife had the baby just hours earlier, so I could understand him turning down the lunch. I shut off the computer and away we went. This afternoon we had lunch at Green Village and hung out downtown for awhile before heading home.

It turns out that we missed Scoble’s announcement by just a few hours, and missed the Geek Lunch!

Anyway, despite being bummed at missing an opportunity to hang out with Scoble, Maryam, Tim Bray, and the others; Green Village was pretty nice. We had a party of five, so we ordered a lot of different dishes. Everything was great. Some of the other Shanghai specialties we tried that Roland didn’t mention in his excellent review — steamed soy milk with fried donuts for dipping; jia jia mein (noodles in a meat sauce with cucumber slices); crispy rice cakes with shrimp+ham+pork stew poured on top so the rice cakes sizzle and crackle; onion pancakes. Normally when people think of Chinese food, they think of rice, stir fry, spicy foods, or vegetables; since these are the common elements from Hong Kong, Sichuan, Hainan, etc. However, the food from Shanghai and Tianjin is not like that at all — there are lots of breads, baked items, meat, gravy, etc. I think that westerners who are into meat and potatoes would really appreciate Chinese food more if there was more Shanghai and Tianjin food available. Anyway, Green Village has just moved to the top of our very short list of Shanghai places. Green Village also serves some Sichuan foods, and the normal staples like jiaozi, but there are plenty of other places to get that stuff. I noticed another Shanghai place in Richmond on no 3, but no idea how good it is. And AFAIK, nothing even close in Seattle anymore since Homestyle in Great Wall Mall closed down last year.

Microsoft and RSS?

This Steve Gillmor rant doesn’t make any sense. He starts by pointing out that RSS has unstoppable momentum, and that support for RSS by Microsoft sites, products, and employees is high.

But then he explains that Microsoft is ?retarding the RSS momentum?, because, as he explains, SteveB and BillG have never said the word ?RSS? in a speech. He offers no evidence that the RSS momentum is slowing (it’s not), and offers no credible reason why speechifying would help ?save? RSS. It’s a bit medieval to insinuate that all of the efforts of the thousands of people who’ve pitched in to bring RSS to where it is today are for nought without the gracious utterances of a Microsoft executive.

Maybe I’m naive, but I think that the last thing we want is for RSS to become a focal point for another round of bitter, internecine software wars. As long as people are focused on useful applications that meet user needs, rather than religious wars, we make progress. As long as RSS is just an implementation detail that geeks care about, you’ll continue to see the broad community support.And ifyou’re still having trouble seeing my point, take every instance of ?RSS? in Steve’s article and replace it with ?Wiki? — let’s take the Wiki concept and start politicizing it, speechifying and ?evangelizing? it — just what Wiki needs? I doubt it!

The latter part of the article makes somevague suggestions for killer apps. If the ideas are so good, though, it should be easy to find people (as Steve points out, there is a thriving ecosystem of people writing RSS-capable software) to proof out these ideas and make them real. The barriers to entry with RSS are very low, and all of these ideas should be very simple to prototype. None of these ideas require Bill or Steve’s permission to succeed or fail. But I realize it’s much easier to make ?an open letter to Bill Gates? with random advice than it is to go through the hard work of trying an idea yourself and risking failure.

It’s Pretty!

Now if you look at my RSS feed, it looks pretty.

Gina Venolia recently did some research on blog usage patterns, and found that many blog consumers never successfully make the transition to using an aggregator. One common thread in our internal discussions is that the ?orange XML? icon is kind of geeky, and even if we get people to click on it, they often have no clue what all of that ?code? is for. Julien Couvreur pointed out that there is no need for the RSS feed XML to look so unfriendly, and he’s been using an XSLT stylesheet to render nicely in the web browser.

I took Julien’s stylesheet and modified it to explain why a user would want an aggeregator and where to get one, and modified the dasBlog source to insert the pointer to the new stylesheet.

If you have an RSS feed that you want to look pretty like this, you can simply insert the following processing instruction at the top of your feed:

The processing instruction needs to come after the XML declaration, if you have one.

Dare’s XML Guidelines

Dare’s weblog has some comments about his ?best practices for using XML in the .NET Framework?. This has been a topic of conversation internally for awhile, and hopefully the story will get a lot better in V2. I think the guidelines Dare gives are really the best we could do in V1. On a personal level, I cringe when I see anyone using a string variable to hold XML, but that’s my purist viewpoint more than pragmatism — I realize that it’s a fairly common practice, and I’ve done it myself many times. Oh well…

Shirky on RELATIONSHIP, again

Clay is getting defensive about the responses to his criticism of RELATIONSHIP. While I actually agree with Clay about the futility of ontology for expressing relationships, I am awed at how he completely snows us with intellectualism and dances around the issue without admitting that his original criticism was flawed. It’s an indignant cry of ?how dare you respond to what I said; you should respond to what I meant!? If people got the wrong idea from his first post, it’s because that’s what he clearly conveyed. His second criticism gets it right, but his first was clearly an attempt at criticising RELATIONSHIP on a pragmatic level.

Early inthe first post, he triumphantly declares, ?Or, more realistically, what if you would call someone your boss in one setting, colleague in another, collaborator in a third, and say they are someone you work with in a fourth??. Touche? Hardly!That particular sentence, and much of what followed,betrayed a surprising lack of basic knowledge about RELATIONSHIP, and IMO left the article reeling for lack of credibility. In fact, it made me question whether he understands the most basic concepts of Semantic Web, which puts his comments about ?the new machine learning? in the followup post in a different light for me.

Women in Sciences

We are currently watching Dr. Nancy Hopkins talk about the problems of gender discrimination in the sciences. She’s relating her experiences with the groundbreaking M.I.T. report on Women in Sciences. It’s really interesting to see how the women scientists at M.I.T. attacked the issue — with research, and 150pp of objectively measured facts. This approach ended up being very effective in getting the leadership of the University to buy in, and it’s kind of humerous to hear her anecdotes about a bunch of male engineers who, once they realized that there was an objectively measurable problem, safely isolated variables, and so on — immediately began attempting to engineer a solution. Right now she is breaking down each of the identifiable factors and potential mitigations that have been taken. One interesting anecdote — women were not taking family leave, since they felt it would count against them, but men took family leave and used it to start new companies. Anyway, it’s really inspiring to see people working based off of getting the clearest possible data rather than inventing rhetoric to support their preconceived ideas. Good data is the foundation of good decisions, and too often these debates are framed without having clear data.

Seattle Transportation Politics

Seattle has terrible traffic congestion, and a long tradition of debates about how to fix it. Unfortunately, little ever seems to get done, and a series of fiscal management scandals with previous tax levies has left voters with little visible progress and little trust that any future tax increases will be used appropriately. So things just get worse.

Last year, the voters shot down the proposed transportation package, in part because of the emphasis on light rail. Light rail is unpopular with voters, but is pushed by the politicians, and has been the source of much disappearing money over the past years. After having the package shot down, the politicians spent about $70,000 on ?focus groups? to find out what it was that the voters really wanted to have done. Number one was to replace the earthquake-damaged viaduct, and number two the 520 bridge. The politicians played humble and claimed to be doing the study so that they could do what people wanted.

Instead, it looks like they might have been looking for a better way to *sell* the package. This week, the RTID finalized the new package that they’ll put to voters in November. The press release trumpets the viaduct and freeway improvements. However, in the details of the package, you see 1.3 billion dollars for ?UnspecifiedProjects?, which says in small print ?currently earmarked for ‘light rail’?. So as long as the voters don’t know that they’re pouring more money down the light rail sinkhole, they’ll fall for it?

Personally, I thinkit will pass, because it’s got 4.5 billion for freeways and 4.1 for the viaduct. And the economy is picking up, so people will be less skittish about a tax increase. Butthere are still plenty of people who want to kill off the last remnants if themismanaged light rail project, and this alone will account for some significant resistance to the levy. It will be an interesting November.