Wednesday, March 11, 2015

Memory and the Forgiving Internet?

It is widely bruited about that both society and the internet are utterly unforgiving. That any nude photo or youthful indiscretion will be remembered until the galaxies go dim. That teen instagrams will scandalize potential mates and employers, ruining your life, forcing you to live in gutters. But this Atlantic article -- Naked on the Internet is Not Forever -- casts doubt on both assumptions…. that those photos hang around, or that anyone really cares. 

Patrick de Justo asks, “Why are the "experts" wrong about our Internet past sticking around forever? Is it that something has changed in the way we access information through search engines in the past 10 years? Or are these two examples—my unfortunate pictures and Ms. R.'s nude pictures — just weird anomalies?”

Long ago, in The Transparent Society, I suggested that a more relaxed and forgiving society had to be an outcome of vastly expanded information flows, and all evidence since has borne that out.  Only one criterion seems to carry a stench of opprobrium that sticks hard… hatred. Perhaps “haters gotta hate,” but they lose credibility and their patterns do not become accepted, with time. And those items, the hateful pictures and/or postings, tend to hang around.

What underlies this trend for acceptance of youthful errors and minor eccentricities? Our increasing willingness to shrug, providing it wasn't deliberately harmful... and maybe that some time has passed? The last thing that any cynic would expect. Basic self-interest

Is part of the solution to info age quandaries simply to “chill” and worry less?  Maybe, argues Anthony Rotolo, assistant professor of social media at Syracuse University. "There's a half life to the stuff that we share on line, and it's really short,” he says. “The Internet lives on moments. It lives on what is viral right now, whether globally (like Justin Bieber getting arrested), or viral within your own social network. Then it's over very quickly. What we're seeing is that your naked pictures from 10 years ago are nowhere near as appealing as someone else's new naked pictures, which will be forgotten tomorrow anyway." 

According to this article, Prof. Rotolo credits Facebook with helping to foster this change. “As recently as a decade ago, identities on the Internet were much more protected. It was seen as foolhardy to ever use your real name online, to the extent that people even had separate credit cards for their online purchases. Under those circumstances, it was easy to pretend that embarrassing Internet pictures were something that could never happen to the average person. Then Facebook came along, forcing everyone to use their real name. And in doing so, the blue F helped embarrassing Internet pictures become a normal part of being online. As Rotolo puts it, “Facebook made us realize that anyone claiming they haven't done embarrassing things on the Internet is probably lying.”

== But there’s a downside to amnesia ==

Vint Cerf and David Brin
Google's vice president -- the great and mighty and dapper Vint Cerf -- has warned internet users to print out treasured photographs or risk losing them.  Digital storage has ballooned, mostly for the good, but the media for storage has grown ever more volatile and -- well -- unreliable. This was made worse by the retirement of optical drives (though CDs and DVDs did have their own problems.)

In what may be an historical tragedy of mis-timed technology, the Flash Memory revolution came (I believe) just one year too early! If my old Hughes Aircraft office mate Eli Harari had founded San Disk just 12 months later, we would have had time to develop an interim storage technology of real value. BLU-RAY read-write drives, capable of storing a hundred gigabytes in non-volatile - though still somewhat perishable – form, were in the offing. They would have replaced onboard DVD-RW drives in laptops and desk-tops.  I’d have loved to have one of those, as one more storage option. Alas. Thanks, Eli.

In any event, Vint raises a good point. (He was speaking at the American Association for the Advancement of Science annual conference in San Jose, California… where I also was on the program, talking about the Search for ET Intelligence: SETI.  Having dinner with Vint was the highlight of the weekend.) We should be researching strongly non-volatile memories, such as I depicted in EARTH. Hard-etched storage systems that can be relied upon, for decades, even centuries or more.

Speaking of disk drives… The “Equation” hacker consortium has achieved technical feats unseen and unanticipated, using the secret internal configuration codes of hard disk manufacturers to create hidden residence sectors for their malware that are invulnerable even to a user-commanded disk wipe.

Seriously, what does it take for all of this to become a matter for the commons?  For politics (if it still existed in America) and a demand that hardware makers create and live by open and secure standards?

Indeed, at a future time I plan to broach what I think to be a matter of basic national and international public health -- offering a standard, yearly "flu shot" against bot-nets. Such matters have been left to the private sector far too long.  Worth a try... but Norton and Kaspersky aren't solving this. If your puter hosts a bot-net, you are a hazard to public health.  Get clean -- (and we'll make it easy) -- or stop coughing on folks by getting off the Net.

== The Internet of Things and Eavesdropping TVs ==

In this very interesting article -- Before we give doors and toasters sentience, we should decide what we're comfortable with first -- Ian Steadman offers an illuminating view of the coming Internet of Things and why we ought to start having an informed and imaginative conversation, now. For example: "… last year the New York Times reported that dozens of people across the United States are now waking up each day to find that their cars won't start. They've fallen behind on their monthly payments, and so dealers are able to remotely disable their vehicles as an "incentive" to fix their debts."

Of course the uproar over the latest Samsung televisions, with their voice command feature that can send eavesdropped conversation to their "partners," shows that one or another Orwellian pitfall lie right in our path. The author quotes liberally from fine and prescient science fiction novels, including Philip K. Dick's UBIK, which add layer and nuance to an interesting piece.

More from Ian Steadman's excellent article: "There's a movement towards what's called the "sharing economy" - instead of owning a car, for example, you rent one only on the days you need, summoned with an Uber-like app perhaps. Despite the benefits this shift may have for city congestion and air pollution (we'll only need a fraction of the current number of cars in the world we have now), a change from an ownership to a rental economy (where the companies that create and sell products retain ownership instead, importantly) is a world where individual control over consumer products is reduced even further."

Bruce Schneier plumbs into the Samsung eavesdropping imbroglio, writing, "Earlier this week, we learned that Samsung televisions are eavesdropping on their owners. If you have one of their Internet-connected smart TVs, you can turn on a voice command feature that saves you the trouble of finding the remote, pushing buttons and scrolling through menus. But making that feature work requires the television to listen to everything you say. And what you say isn't just processed by the television; it may be forwarded over the Internet for remote processing. It's literally Orwellian." He concludes, "This has to change. We need to regulate the listening: both what is being collected and how it's being used. But that won't happen until we know the full extent of surveillance: who's listening and what they're doing with it." 

True enough, as far as it goes.  But Bruce never goes deep. For example, HOW do you expect to accomplish all of that, in a world where Moore’s Law inherently expands and distributes every power of vision, exponentially? 

Ironically, the only way to gain this kind of control over elites - demanding they stop using prying eyes - is to make them feel it’s likely they’ll be caught, if they stare. 

Through Transparency.


Alfred Differ said...

Way back when AOL was popular, I decided to use my name in account identifier. I fuzzed it just a little by using first initial and last name, but anyone with Unix experience wouldn’t be phased. I remember people suggesting I not do that, but I fought back arguing that I’d deal with creeps without hiding. I’ve used that name and my full name everywhere since except once when I had an account at Second Life. They didn’t let you use your name, but I still squeezed it in a bit. I wasn’t there to escape my first life, so I didn’t see the point. I still don’t.

Only once have I seen someone I know get completely trashed for what she said. She got hate mail, death threats, and lots of vitriol. Her humor attempt got misinterpreted as hate content and there was no way to recover after the steam roller flattened her. She’s not a hateful person or anything like what people accused her of being, but that all died off a month after the flash and she got her life back in order again. I bring her up (without naming her) because I don’t think a false name would have protected her. People got really upset and tracked down lots of family details. What made that all possible was the bad reactions from people who knew her just enough to have details, but not well enough to know the accusations were incorrect. Information didn’t just leak. It gushed.

I think there is more to this that chasing the latest set of celebrity nude photos. Most everyone I’ve met online has understood the basic deal. I’ll shrug off your oddities if you shrug off mine. Maybe, just maybe, we can talk to each other about them and learn why we are what we are and why your oddity bugs me and mine bugs you. Most people aren’t interested in the details, but I’ve had a few givers and takers who never would have traded like that if they couldn’t trace my real identity.

However, my wife did just find some online pictures of me from the late 80’s dressed up in an SCA outfit at an event. She laughed her behind off at both the images and my attempt to explain them. I’ll be sure to thank the person who posted them to FB next time I see her face to face. 8)

Randall Winn said...

As for the last point in the article - I'm sure it's wise to be worried about "always listening" devices, but I'm not sure how this can be stopped. If it adds a little convenience, and if the costs are sufficiently hidden, most people will acquiesce - just look at how well the Google Adsense ads on any blog your read match your recent inquires on Amazon, for example.

If one is really careful, one could check the licensing documentation supplied with every phone and fridge that YOU buy, but what about the cellphones and step-recording bracelets and smart belt buckles (they suck in your gut when someone attractive looks your way) of your guests?

Constant monitoring of ambient sound could be "justified" by its utility in a crisis. If your car hears a siren, its cameras check for flashing lights so you may more swiftly pull aside, possibly saving lives. The source of gunshots may be identified with precision if a scattering of always-on cellphones automatically report them (if only Bill O'Reilly had had one when he was knocking on the door of that Kennedy assassination investigator ;-) I'm not saying such uses outweigh the risk to privacy; I'm musing that the risk to privacy may likely be justified by such uses.

And that should be disturbing.

Jumper said...

You could monetize that gunshot app, Randall.

Jumper said...

Well, David, you have less to worry about in some regards: your important work has been preserved pretty well. Should you print some of your books on archival acid-free paper? That's an interesting question. I wonder if any of the "on-demand" printing outfits carry acid-free paper? I bet they do.
Maybe also someone should print out the entire contents of Wikipedia on acid-free paper too. 4 times a year?

sociotard said...

If the government put out a botnet 'flu shot', it would infect us with NSA surveillance. There isn't much of a way to make that reciprocally transparent. We could pass laws to tell them not too, but they'll just lie.

Hans said...

I hope that mine qualify as "minor eccentricities". I'm really don't know. What if they don't?

Hans said...

Jeeze Louise! Is there a way to fix that stupid typo? I really hate the internet sometimes.

Alex Tolley said...

@Hans - delete your comment and resubmit an error free one. I often write mine in another app rather than directly into the comment box to reduce errors.

Alfred Differ said...

There is probably a way to do the yearly flu-shot thing. Many of the tracking groups for vulnerabilities are non-government. The patches from vendors are too. I agree, though, that the agency tasked with this immunization would have to have a good rep and keep its distance from the intelligence agencies.

David Brin said...

Sociotard, instead of reflexively assuming the worst, how about doing a thought experiment how YOU would design the process, so that the p[ublic could trust the flu shot.

Seriously, the place to embed back doors is in the chip itself. We should assume they exist, the way we have discovered some in the hard drives' firm ware!

The flu shot is easy. It is designed by a big consortium of mutually competitive /suspicious incs and orgs. Then make it open source for 3 months before it's issued.

But the important thing is... couldn't YOU have said that? And made other proposals?

Alex Tolley said...

The IoT listening to you is inevitable, and I think it also means that David's hope of privacy in the home is also undermined. The hope that transparency will somehow stop this is naive. Did Murdoch have to pay a personal price for his organization's phone hacking - an extreme form of malicious surveillance? No.
Will that change? I see no sign of it.

But in a sense, the very ubiquity of these devices and the data deluge will undermine government surveillance.The sheer computing power to try to deal with it, will become very difficult to maintain. The needles in these vast haystacks wll be very sparse. Smart bad guys will just pay more care to avoid incriminating themselves. I see the commercial exploitation of these devices as more creepy, and that life might be more annoying due to malicious hacking of appliances.

Regarding storage media. In my experience, recordable CDs and DVDs are very unstable and unreliable. Magnetic media like hard drives seem to be more reliable, although prone to sudden failure. We do need highly reliable storage media. Paper seems like a good choice to me for text. We can make it more robust, e.g. creating sheets of nano crystalline cellulose. For electronic media, we need development of tehse newer mor erobust technologies, although like Cerf, (and earlier Charlie Stross,) I worry about obsolte file formats and machines to read the media.

Tony Fisk said...

Vale, Sir Terry Pratchett.

David Burns said...

"yearly "flu shot" against bot-nets [...] left to the private sector far too long."

As long as we're wishing, let the flu shot test for potential vulnerabilities and indicate how to close or mitigate them.

How is the public sector better equipped to deal with this? Is your magic wand waving away the technical details, funding problems, the laziness of users, or what? Seems to me, users already have an incentive and good solutions exist, even free ones.

But the solutions are not perfect and people are lazy. Many even drag their feet before applying free system updates, which is basic hygiene.

The idea of shunning those who fail or default on a security test sounds tempting, but I suspect there are a lot of problems we're overlooking. For instance, will your flu shot know what to do with my highly customized linux install? My obscure legacy system? My internet-of-things toaster? How will it identify "me" so that I can't take the test from a dual boot partition, and later go back to running my infected system after passing the test?

If you insist it must be funded by taxes (I'm sure all those poor people care deeply about our computer virus problems), at least consider running a contest or something to try to prevent the usual boondoggle. Maybe we should put some PR pressure on the sources of trouble, such as Microsoft, Apple and Adobe, to pitch in. Start a crowdfunded thing, where industry and government only pay out if/when the problem actually gets solved. Let people who actually have to use the thing decide who wins.

Alfred Differ said...

A yearly flu shot probably isn't enough. The bot herders learn quickly. If it's not every month, I wouldn't spend much effort trying to get it funded.

If people knew what some of the bot-net owners did with the stolen/personal property, they would be horrified. There are some really evil things going on. It's not just stolen credit card numbers and the externality this imposes on our financial system.

Imagine if you knew your machine had been used to strip someone of their identity, run up huge financial debts against them, and make that person spend the next few years trying to recover, would this bother you? Would it have to happen to you first for you to understand? Better than calling it a flu-shot, I think we should be using the word 'plague.'

Jerry Emanuelson said...

There is a type of DVD called the mdisc that supposedly will last for 1000 years. (They claim up to 16,000 years if stored under low temperature and humidity.)

The blank mdiscs look almost black on against a solid surface, but are semi-transparent when held up to the light.

Someone got the idea for them when he saw the dark stains on rocks that are common in the western United States. Some of those rock stains are apparently centuries old. Mdiscs require a stronger than average laser to record them, but they will playback on any DVD player.


My sister gave me a USB mdisc burner and ten blank mdiscs as a gift several months ago. I haven't used them yet. I will record some of them during the next few months, and I will report back in 3015 to let you know if they really lasted as long as advertised.

David Brin said...

Alfred the perfect is the enemy of the good. If we can wipe out all the CURRENT bot-nets on American (and western and then world PCs, the network that the bot-net crooks use, to promulgate new versions, will be seriously impaired. All new versions would propagate with more difficulty and nowhere near as far.

This is exactly equivalent to public health. I am not surprised that Mr. Burns doesn't see the parallel. His every paragraph was downright silly.

David Brin said...

The cost of this public health measure... maybe ten million dollars... amortized among 100, million+ citizens... yep that is reeeelly gonna hurt the poor.

And let's of course never mention the billions lost to cyber crime that would be prevented. What's all that compared to a cynical snark!

Paul451 said...


Him being a wizard, we at least know that Death personally collected him.


Tony Fisk said...

Long term archives suffer from the modern curse of infrastructure: sexlessness.*

While the stability of storage media is important, in some ways storage format is even more important. How do we read old documents written in 'closed' formats like Word 95, or WordPerfect? There are also vested interests preventing moves to more open formats (as was seen in the OOXML vs ODF debacle)

There is an alternative approach, and that is to take (ahem!) a leaf out the vegetable world. Namely, the best way to preserve an heirloom plant is to grow it and harvest the seeds. Similarly, keep updating archived documents as they are accessed.

That gives rise to a provocative thought: is a document that hasn't been read, or referred to, for a long time (say, a generation) still 'knowledge'? Would we be poorer if it were lost?

*Sex sells, yes. But I think it's vastly over-hyped method.

Tony Fisk said...

@Paul: an imagined alternate scene:

Sir Terry looked at the dark clad figure standing by his bed. "Oh, you're not who I was expecting." he said.

The attractive young woman smiled sweetly in response. "I understand, but you know how it is: we're not on a turtle."


Terry considered this. "That's very kind but, you know, if I'm to Rest In Peace there ought to be a little less shouting involved."

With that, Terry took Death’s arm and followed her through the doors and on to the black desert under the endless night.

Randall Winn said...

@Tony Fisk
//* keep updating archived documents as they are accessed.*//

Sort of like the "Ramblers" of England who walk paths to keep them open and free?

A database of urls with a "last visited" attribute could be the foundation of a game I suppose. Open the box (see the URL) win a prize?


@Jumper ...
//*You could monetize that gunshot app, Randall.*//

"Win a free packet of Cheetoes if your data packet is used to solve a crime!"

A.F. Rey said...

@Terry & Paul:

You forgot to mention how they both gave the cat a pet before leaving. (You know neither of them could resist eliciting a final purr from the sleeping beast.) :)

David Brin said...

Tony that was very nice.

Disney is “betting a billion dollars on a magical wrist band.” A new ticketing method that will let each member of your family get personalized treatment from the instant you enter the park, always welcomed into the correct line, walking out of stores with merchandise paid for without visiting a cashier, ordering food before arriving at a restaurant and sitting at any table, knowing the food will arrive….

…And if someone doesn’t add this to my predictions registry wiki, then wah!

Read this chapter from EXISTENCE… set at the Shanghai World of Disney and the Monkey King, in the year 2045. And tell me Disney shouldn’t at least give me a nice family pass. Only the date was wrong. Stuff catches up with science fiction faster and faster.

Alfred Differ said...

I'm not so sure the price tag would come in near $10M. I work for the US Navy as an IT/IA guy (contractor) and I can tell you it is very expensive to keep systems clean AND useful. We have obvious reasons for a lot of overhead costs the public wouldn't need, but the scanning, patching, and guideline tools are unavoidable.

One of the reasons I own Apple products is I prefer to pay them to keep my personal systems updated. I remain aware of which extra applications I've installed and I check them periodically, but this logistical task is beyond what most people are trained to do for themselves. That means this public health measure must support scanning tools and be able to demand from software vendors a minimum of participation to properly describe how to detect their software, version numbers, and library dependencies. THAT is where the budget will balloon as I know of no good way to manage all that without hiring the human staff to do it.

I agree that going after OS and major platform (flash, java, etc) vulnerabilities first is worth doing, but it won't stop there. Fortunately for this here libertarian, I won't object if the budget expands too much. This is certainly worth doing. Negative externalities must be mercilessly squished.

Alex Tolley said...

With OS's I am reminded of Scotty's line in Star Trek III: " The more they overthink the plumbing, the easier it is to stop up the drain. "

With Java, the original plan was to make a secure sandbox. But it didn't take long before demand to control security allowed all sorts of attacks on the computer. Javascript's eval function is just a gaping hole for attacks. And on and on. We really need a secure OS for general purpose use and a way for the user to ensure that any applications cannot attack the computer in any way. Commercial OSs for consumer use have become bloated kluges with ways to "stop up the drain". I wouldn't any longer trust the US government to create such a secure OS, but perhaps a software firm could do so.

David Brin said...

Yipe, you guys just refuse to play along and squint and imagine - what if the govt coordinated the biggest companies plus EFF and NGOs in this endeavor. At first you might get a negative sum mess. But since ALLL of them benefit if this works, there just might be people involved smart enough to do it... un? ... right?

Then release open source for crit-feedback and error discovery.

What I don't get is why the reflex is always not just to assume the worst, but to assume that the best .. or even the okay... is so intrinsically IMPOSSIBLE that there's no point even fantacizing how it might happen.

Alex Tolley said...

@David - The US government has already been implicated in getting companies to create back doors to encryption. As the old adage goes: "It takes a lifetime to build a reputation, but just one day to lose it". US government involvement is now poisoned by this behavior. Consequence, consequences.

Open source helps to be sure, as it is a transparency. But is that going to be good enough, and does transparency help or hinder net-net? I would prefer a organization that has real skin in the game to develop such code. Recall that real flu-vaccines are not made well today, and companies do not have any skin in that game due to the method of remuneration. A government lab might be best for real vaccines, especially as there is no advantage for the government to not make a good job of the production.

Better to build a robust OS or web, rather than treat the symptoms of insecure ones. I would gladly buy a smartphone OS that was [nearly] invulnerable to malware at the cost of some functionality.

briant said...

I don't think a national "clean-up" day would be cost effective. I used to work in IT and I can't think of a way that a millions of dollars idea would help. Large businesses spend multiple millions of IT dollars trying to keep their networks clean.

I would propose something a little more radical for "cleaning up" the internet. I would split off the NSA's evesdropping infrastructure into its own department, lets call it NSAlight. That department would be responsible for lightly policing the internet. They would not deal with end users but just networks operators and feds/police. If a business was getting attacked by a DDOS attack, the NSAlight would be able to see where the attacks were coming from. They wouldn't directly try to stop the attack. Instead they would try to prevent future ones by reporting the source IPs to their ISPs and also by working with network operators to configure networks to block inappropriate traffic from leaving/entering the operators network. The NSAlight could also apply NSA style filters to traffic data to look for known botnets (reported by antivirus companies?) and report the involved IPs to appropriate ISPs. I would consider them the Highway patrol of the internet.

A nice side effect of splitting the snooping infrastructure out of the NSA is we could both apply stronger transparency requirements to it and also let other institutions (FBI, CIA, local police, etc...) request data as necessary with appropriately submitted warrants.

David Brin said...

Texas bill would make recording police illegal: Citizens who are armed (with cameras) would not be permitted to record police activity within 100 feet of an officer on duty. The offense would be a misdemeanor. This bill would contradict the precedent set in 2011 by an appeals court, which found that citizens are allowed to record police.

Alex Tolley said...

"My bill ... just asks filmers to stand back a little so as not to interfere with law enforcement,"

So if you are the one being stopped in a car, for example, you cannot film the interaction to protect yourself.

The representative has also tried (and failed) to get a bill passed that would allow citizens to ignore laws based on their religious objections.

Texas, leading the the country back to the 19th century.

Alex Tolley said...
This comment has been removed by the author.
Alfred Differ said...

Squinting and imagining. Hmm. There are intelligent monsters out there. Squinting makes it hard to see them. 8)

What you folks might want to consider is the DoD has a serious interest in getting you all to protect yourselves properly. Lots of bad stuff we get hit with comes from compromised systems owned by US citizens. If you have a patriotic itch or kids of your own serving overseas, consider learning how to defend your home front.

If you are inclined to lump the DoD in with the NSA, you aren’t thinking about the different missions we all serve. It does make some sense to split the NSA, but you don’t have to wait to find someone who seriously wants a home front that can’t be used against us.

Jumper said...

It might help if OS developers had sense. I have no way to monitor my OWN packets in my OS. Just volume.
Also the communications are abysmal: I get alerts saying "analyzing for threats." It never occurs to whomever writes these things to include a subject noun. WHO is analyzing? My OS, my antivirus, or my browser?
Stupidity reigns. Just to rub salt in my wound, you know these guys think they're geniuses...

Paul Shen-Brown said...

Leonard Nimoy, Edgar Froese and now Terry Pratchett - this has been a very harsh winter! Worthy of a more eloquent writer than myself.

Alfred Differ said...


Thank you for the chuckle. 8)

Geniuses. Right. Savants maybe... 8)

You CAN monitor all your own stuff, but by the time you learn now my team might want to hire you. IA/Security folks are in short supply right now. If you are female, so much the better since there is a chance you think different from the usual fools who mess with our lives.

John's Secret Identity™ said...

"...instead of owning a car, for example, you rent one only on the days you need, summoned with an Uber-like app perhaps. Despite the benefits this shift may have for city congestion and air pollution (we'll only need a fraction of the current number of cars in the world we have now)..."

I think a lot of people are imagining this wrong. I think people are picturing this as getting cars off the road. But I think people would still drive (or ride) anywhere they wanted, and still make about as many trips, so there would still be about as many running cars out on the road. There just wouldn't be as many sitting in parking lots.

So the pollution benefits would come from the productions side, not the operation side, and maybe a bit from some folks being more willing to share a ride in a car that isn't theirs and thus isn't likely to be embarrassingly messy or what have you. And maybe from excess parking space being converted to additional business space (bringing some of your potential destinations that much closer to you), or to small parks and green space.

Duncan Cairncross said...

Hi John

The pollution benefits come from the fact that different vehicles will be used
Because it's only being used for your commute - and you can get something different when you want it there is no reason for you to be in a two tonne family car capable of towing your boat.
Instead you will be commuting in a small one or two seater probably electric