Yorick Wilks

Facebook has decided to treat the dead differently at last, so breaking through the old problem that, just as on the web you couldnt tell someone was a dog–as in the famous New Yorker cartoon–similarly you couldnt tell they were dead. Facebook now proposes to “freeze” and “memorialise” he sites of those who someone officially declares to be dead—though quite how you get a death certificate to Facebook isnt yet clear. Someone blogged somewhere recently that “if he didnt hear from his friends every hour he assumed they were dead”. Hopefully, it wont come to that!

The Facebook proposal is that only friends you have accepted before death will be able to find your “frozen” site, see it and add tributes to it. That seems a bit strong: after all, many others might care to jojn in a tribute after your death who didnt happen to have been your friend on Facebook in life–perhaps you relatives or children? Is there any more reason to fear malicious postings by those who know you already, as opposed to those who dont? In any case, it wouldnt be hard to have a truster “executor” or “Facebook filterer” who removed any malicious postings—such people could be appointed in wills in the future, as literary executors are now. The tricky bit will be using “defriend” to rid yourself of a growing list of dead friends—–but the huge mass of young users dont need to think about that just yet.

Bill Dutton talking to the Forum’s news unit is at
http://www.youtube.com/watch?v=il_Ag0yVFXg

Today’s papers report a new method being trialed from the US to get news into countries with heavily censored Internet access such as China and Iran. (see:
http://venturebeat.com/2009/08/01/using-email-tricks-to-get-news-into-countries-that-censor-it/)

The method is called FOE (Feed Over Email) and is essentially a method for sending encrypted email as an RSS feed to any email address that requests it from an external mail provider such as hotmail or gmail. There are many such providers and it is hard for any state system to block all of them.

When decrypted the news appears in mail as HTML rather than text, rather like the adverts you get now from Amazon and British Airways. It all looks interesting and the wonder is why you need to request it at all: it could be sent as government-originated spam to any address they can find in a target country, just lie real spam! This would lower the likelihood of Government agencies at the target end later finding ways of locating those who had requested the feed. Companies in Western countries have not been slow to sell relevant software to the Iranian Government for Internet censorship, so why would they not take the next step and sell what is needed to find the FOE requestors? (see: http://online.wsj.com/article/SB124562668777335653.html)

As with all good ideas there are down sides: there are now HTML mailers available to anyone that send you not text but an image you cannot copy/paste or save; these give the sender the ability to delete email received by you from them, or alter it later as they wish; they own their own email, not you the receiver. Worse, it lets the sender know exactly when you read their email and where, and you can avoid it only by turning off the receipt of all HTML emails.

This tool, in the hands of the “target” Government’s, would be a powerful antidote to Western Government-backed “spam” emails. It’s all a question of who is moving quicker, the cat or the mouse. The hidden paradox is the use by Western Governments for virtuous purposes of all kinds of tools, from anonymizers to spam, that they deplore when used on them!

Recent proposals to consider Google or Microsoft as possible holders of citizens’ health records produced a predictable range of comments in the Times blog: from “yes, yes, anything to get away from another centralized state database” to “Ah ha, there are the Tories handing over public money to a company they are connected to, and which is not even British”.

Behind the games are very serious issues, some of them technical, most not. Even among those who agree that the NHS IT policy over the years has been an unmitigated disaster, some think Britain should now stick with the long term database plan because of the investment made and that it will eventually be delivered, however late and however much over budget. It is good to remember here that the NHS took decades to provide email to staff, because a special NHS-relevant email system had to be designed and implemented, even though off-the-shelf email from any supplier could have been provided to the whole system within weeks or months, as it was to virtually all companies. Who could possibly have believed there was special NHS email? I personally gave up on NHS administration when I heard they had simply failed to claim the Microsoft discount, for quantity of installations, of £50 million to which they were entitled! These failings are not casual but endemic, as everyone can now see after the huge fall in NHS productivity since Gordon Brown doubled its tax-take.

All that health records require is:

* reasonable levels of reliability and confidentiality
* access by the “owner” of the records and some recourse in case of error
* ease of updating the records by those entitled to do so
* access anywhere to the records, preferably world-wide

If this list has a certain familiarity, it is because many kinds of big companies now offer this kind of service to anyone and compete for their custom: banks are the obvious case. Your access to your financial records can be from an ATM anywhere in the world, is up to date, pretty reliable and you more or less trust the bank to keep your records safe and confidential, probably more than you trust civil servants who leave data sticks regularly in taxis. Vodafone, which is British like most of the banks, also offers customers large scale mail storage, which is not really different in kind from medical records, so if the UK were to go along this route there are plenty of competing British providers; patriotism need not be an issue, though competition certainly is—if one did not like one’s health record Guardian one could always go elsewhere, just as banks must now transfer your standing orders intact to a new bank within days, whether they want to or not.

Most Internet usage surveys show the public trust companies more than the Government these days, on data as much as anything else. Google has the advantage that they have, in the last years, been transferring masses of printed material into digital form-the Google books project. This is relevant because one of the great scandals in the NHS is the shameful rate of the move to digitised patient records: in some hospitals consultants still have a fat folder of written notes for each patient, but the fifteen minutes allowed each one does not permit reading such a mass of material, so each consultation starts from scratch, usually with the patient describing their own condition! Digitised records could be summarised and absorbed in minutes.

The arguments for Cameron’s suggestion go way beyond cost saving and avoiding another giant state database of the kind so dear to Old and New Labour: they offer choice to the citizen, access to one’s own content with some control over it and, above all, deployment of a proven technology that would not need to be much specialised to the NHS at all, but just piggy-backed on years of competent management of vast data bases. The good news is that many kinds of companies have this experience, not just Google.

The Guardian last leader yesterday told of a woman—-who started as Eileen de Bont (!)—-and who changed her name to Pudsey Bear to raise money for charity.
Later the Identity and Passport Agency (did you know it had changed its name—and significantly!?) would not give her a passport on the ground the new name was frivolous. As the Grauniad wrote, portentiously but correctly, “The right to call yourself whatever name you damn well please is one of the small but great British liberties.”

This has always been a fundamental difference between us (and most English speaking countries) and countries like France where you have a legal name which you must use. In a country where Harold MacMillan would suddenly start calling himself “Stockton” (after his ennoblement) and bishops sign their letters “+John Oxon” it is obviously a very necessary liberty. The key case was some 25 years ago when a man who had opened more than a dozen post office savings bank accounts in as many names, and was prosecuted by the GPO, was acquitted on the ground that if no fraud was involved, there was no offence in calling yourself as many things as you liked, and that this was not tantmount to impersonation (as the traditional offence now called “identity theft” or “identity fraud” used to be called).

The reaction of the I+P Agency, even if overruled, shows change is in the air—I do not believe this has yet been clarified by the Bill introducing identity cards, but it is not hard to guess that this Government will want to abolish this age-old common law right; another good reason for NO2ID.

From Slashdot today:

+——————————————————————–+
| Hundreds of Thousands of Chinese Black-Hats                        |
|   from the defending-against-gnats dept.                           |
|   posted by kdawson on Friday April 24, @09:33 (Security)          |
|   http://it.slashdot.org/article.pl?sid=09/04/24/1311216           |
+——————————————————————–+

An anonymous reader sends us to Popular Science for a long article on the
[0]loose, uncoordinated bands of patriotic Chinese hackers that seem to
be responsible for much of the cyber-trouble emerging from that nation.
QUoting: “For years, the U.S. intelligence community worried that China’s
government was attacking our cyber-infrastructure. Now one man has
discovered it’s more than that: it’s hundreds of thousands of everyday
Chinese civilians. … Jack Linchuan Qiu, a communications professor at
the Chinese University of Hong Kong [says:] ‘Chinese hackerism is not the
American “hacktivism” that wants social change. It’s actually very close
to the state. The Chinese distinction between the private and public
domains is very small.’ … According to [James Andrew Lewis, a senior
fellow at the Center for Strategic and International Studies], ‘The
government at a minimum tolerates them. Sometimes it encourages them. And
sometimes it tasks them and controls them.’ In the end, he says, ‘it’s
easy for the government to turn on and hard to turn off.’”

Discuss this story at:
   http://it.slashdot.org/comments.pl?sid=09/04/24/1311216

Links:
   0. http://www.popsci.com/scitech/article/2009-04/hackers-china-syndrome

Assuming this story is true, does it make this “patriotic activity” harder to condemn since it is not government originated? Given, too, that (a) the US invented hackers, (b) is a wildly patriotic country with many perceived enemies and (c) admires private enterprise, is it not odd that we have not seen, or had reported, much private international hackerdom from the US so far—Harrison Fords at the keyboard?

Those working in the theory and practice of artificial companions (www.companions-project.org) at the OII and elsewhere are, naturally enough, always on the lookout for new social implications of our future friends, the Companions. One future function might be as a backstop guarantor of identity, for the Companion’s user, when all biometrics have failed. It is a well-known problem of biometric definitions of identity, exploited in many movies, that they can be corrupted, stolen, removed etc. in a range of ingenious ways, after which the “owner” can be left helpless in a world in which the biometric had effectively defined their identity. Even without the science fiction, one can foresee an ongoing need for some non-scientific non-objective determiner of identity, stronger than the current fall-back to “Mother’s maiden name” and “Name of first pet” that the banks still use.

One can see the role here of a long-term computer companion, designed to spend years in conversation with its owner, building up a structured life of memories, gleaned from conversation, photographs, texts, ideally to be put in some semi-autobiographical form that surviving relatives will inherit, either as a full, frank intimate account of a whole life, probably with details and memories not known to the surviving spouses and children or, in the more extreme case, as a companion on a screen, say, looking and sounding like the former “owner” and able to discuss life from beyond the grave. Those who find this far fetched should look at Emily fromManchester:http://technology.timesonline.co.uk/tol/news/tech_and_web/article4557935.ece and imagine her as a long-lost daughter.

One could also think of the Companion of a living user as some kind of informal guarantor of identity: a Companion would know very soon if it was talking to its owner or not—not in the sense of voice recognition, which is just one more biometric open to faking—–but in the sense of how you normally talk, what things you know about “yourself” and so on, much like a vast structured form of “What was your first pet called?”, except these need not be questions that had been pre-planned but more along the lines of “when were you last in Venice and what did you go to see?”, “Where were you in 1986?”. The potentially nasty slip here would be that this function of the Companion might be ostensibly in the interest of the authority demanding the identity verification, rather than of the owner, given that most people would find a Companion-world acceptable only if the Companion was the servant only of its owner, and not its manufacturer or the State. There need be no dilemma here if anyone can say “Let my Companion identify me as YW” and a central registry can always know (as with a car) that Companion xyz is registered to YW and can identify him and only him. All this is another argument for treating Companions nicely of course, just in case…….

We all assume, and have experiences to show, that internet purchasing is transparent and efficient and works to the benefit of everyone, except perhaps small bookshops and their equivalents everywhere: I will never now give up the speed and efficiency of Amazon.com for a bookshop. But a couple of very recent experiences have caused me to wonder whether there are not loopholes being exploited by corporations within the Internet market to trap consumers and prevent them making better choices. I am not suggesting any fraud or systematic conspiracy against the consumer, only that these experiences, with a very large American Airline have shown me the possibility of this, and I am exploring how widespread the practice is that I encountered this week in buying airline tickets. If it is widespread, the need for publicity or even consumer legislation is obvious.

The facts are these: on the main website of a large American Airline I purchased a ticket for £206 for my son to fly in two months from New York to Nevada. I entered the details of my American Express credit card, as I have in the course of many similar purchases. A screen came back saying “Ticket purchased” plus small print to say my electronic ticket and confirmation would follow shortly. On most previous occasions that had come by email within minutes from the company’s computers. Three days later it has not come, and I grew anxious and phoned the airline, because I know the online market is moving at great speed as Christmas approaches and, if I lose this ticket for any reason, I might get a worse bargain. I also know I might do better, as I had seen the same route available for £50 less with US Airways. But I am not very anxious, because I have been a loyal multimillion-mile customer with the large American Airline for 20 years and never had any problem of this sort.

My anxiety increased slightly on phoning because I was told a blatant lie: that the delay in ticketing is because I have a foreign-billed credit card and these must be checked by hand; I am in a queue and the ticket will follow in “ a coupe of days”. This rings all kinds of alarm bells because ticketing is normally instantaneous. It is made clear to me when I ask, and this is approaching the nub of this blog, that although the ticket is PURCHASED it is not TICKETED, and no I cannot cancel the whole transaction. The credit card checking excuse is absurd, because the same card for the same son had been instantly accepted by other US airline websites in the same week, and had I called and made this booking on the phone (for $10 surcharge!) my card would have been accepted instantly. The card-and-manual queue argument is a transparent falsehood.

None of this might matter were it not for another and quite separate experience with the same airline a day earlier, booking a flight for 5 people in the same December period. In that case, I again got the “Ticket Purchased” web page back and thought no more about it. But on returning to check the timings I realised the confirmation and E-ticket had again not come but on phoning I was informed my purchase had been cancelled. It had been cancelled, I was told in rough tones, because I had made two reservations for the same group to two different cities in the US in that period, in Nevada and Texas. I said, as one would, yes but so what: they were both 24 hour options that would automatically expire at no harm to the airline. This is normal practice by consumers; but I had actually purchased one of the reservations with my credit card. Why, I wailed, had they cancelled the one I had purchased and not the other one where I did nothing to follow it up.

I was told that when the computer detected double booking it cancelled all but one reservation “at random”. Now, it cannot be the case that a multi-billion airline is unable to write software for the Internet to cancel an unpurchased reservation in preference to a purchased one. Yet my own naivety and company loyalty sent me back again at this point to the web to buy a new ticket for each of the 5 at £100 more a head. The glitch and the cancellation had just given the American Airline £500 more for absolutely no benefit to me.

It was this earlier experience that has fully roused my suspicions in the case of the second ticket, for the son and still unresolved, that something systematic might be happening here and, whatever it is, fraud or something else, it is unlikely to be mere incompetence on the part of the airline. Consider the issue in market terms: I as a consumer have been trapped now for three days, unable to cancel my “purchased ticket” and buy elsewhere. The American Airline, as I saw with the earlier group of 5 tickets, can cancel that purchase at any time and not even tell me, which could have allowed the group to turn up at an airport at Christmas believing they had Electronic tickets while actually having nothing! By luck I spotted that one in time. This imbalance of power is extraordinary: a consumer trapped and unable to shift options for an indefinite period and a company that may or may not honour the purchase, when it chooses. Its computers could clearly be seeking to sell that same seat to a higher bidder—if that were the case everything we have been taught to believe about internet purchases of such tickets is unreliable. Certainly in the case of the 5 tickets, the Airline reneged on its “tickets purchased” claim and sold them back to me, in effect, for £500 more because I was nervous, loyal ands acting semi-irrationally for fear of having family with no travel at Christmas,

If these practices are being driven by design rather than incompetence the Internet ticket market for major airlines is a far worse bargain for consumers than has generally been thought—and much much better for the airlines—-and the option of buying by phone for $10 more is the best bargain of all.

Our second puzzle reflects the changing conception of computation which has been developing
within Computer Science over the past three decades.
The traditional conception of computation is that we compute an output as a function of an input, by an algorithmic process. This is the basic setting for the entire field of algorithms and complexity, for example. So what we are computing is clear — it is a function.
But the reality of modern computing: distributed,
global, mobile, interactive, multi-media, embedded, autonomous, virtual, pervasive —
forces us to confront the limitations of this viewpoint.
Traditionally, the dynamics of computing systems — their unfolding behaviour in space
and time — has been a mere means to the end of computing the function which specifies the
algorithmic problem which the system is solving.
In much of contemporary computing, the
situation is reversed: the purpose of the computing system is to exhibit certain behaviour.
The implementation of this required behaviour will seek to reduce various aspects of the
specification to the solution of standard algorithmic problems.

What does the Internet compute?

Surely not a mathematical function . . .
Moral: We need a theory of the dynamics of informatic processes, of interaction, and in-
formation flow, as a basis for answering such fundamental questions as :
• What is computed?
• What is a process?
• What are the analogues to Turing-completeness and universality when we are concerned
with processes and their behaviours, rather than the functions which they compute?

[Im not certain I understand the question, but it seems a nice one to ask anyway! YW]