Saturday, December 18, 2010

Google's kid problem - something for the GOP led house to chew on

Google has a kid problem.

The latest example is the new Google eBooks iOS app. It seemed like a good option for my kids' iOS devices. Problem is, like every Google app I've looked at, it has an embedded browser. Disabling Safari doesn't disable WebKit use, so the browser is always available. A full Google search prompt is only a few clicks away, so the iPhone eBook app effectively disables iOS parental controls.

Just like Google's ad platform disables iOS parental controls.

I wish Apple would give all apps with embedded browsers an NC17 rating. Still, this is Google's problem -- not Apple's. Google has the same problem with Android devices (no parental controls at all) and with Google search (no effective parental controls). I'm sure Chrome OS will be no better.

I guess we have to wait until the founders have kids. The one bright side of the GOP dominated House is that they might give Google a hard time about this. Google is no friend of the GOP, and those guys know how to turn the heat up.

Google may have to start paying attention to kids. They can start by having their iOS devices disable WebKit use when Safari is disabled.

Thursday, December 16, 2010

Jon Swift (Al Weisel) died Feb 27, 2010

During the Bush years I found solace in the ironic writings of Jon Swift. He didn't write every day, so I didn't notice when he stopped.

Today, browsing old links, I saw his blog. The last post was in March of 2009, a link to a friend's tragedy.

There's a lot of spam in the comment thread on that post, but midway down is a story ...

I don't know how else to tell you all who love this blog. I am Jon Swift's Mom and I guess I'm going to OUT him. He was Al Weisel, my beloved son. Al was on his way to his father's funeral in VA when he suffered 2 aortic aneurysms, a leaky aortic valve and an aortic artery dissection from his heart to his pelvis. He had 3 major surgeries within 24 hours and sometime during those surgeries also suffered a severe stroke. We, his 2 sisters, his brother, his partner and his best friend since he was 9 years old were with him as he took his last breath. We have all lost a shining star who warmed our hearts, tormented us and made us laugh as he giggled at our pulling something over on us. He passed away on February 27, 2010. My beloved child will live on in so many hearts. I miss him more than I can say. If you are on Facebook, go to organizations and join "Friends of Al Weisel, Unite!" It will give you just a taste of how special he was. Farewell, Jon (Al)

The blog went silent almost a year before he died. This news got some coverage in March of 2010, but I don't read many lefty blogs (I'm lefty enough). If you enjoyed Jon's writings, spare a moment for his partner, friends and family.

This post has links to some of his best writing.

I'm guessing his partner didn't have his passwords, or there would have been a follow-up post and the commenting would have been disabled.

The Hugo Awards revisited - 58 years later

Tor's Jo Walton is reviewing the Hugo Awards Nominees -- starting in 1953.  I started reading science fiction in the 1960s, so many of the early winners are vaguely familiar.

Jo refers us to the Locus Index to SF Awards, such as this 1959 Hugo listing including Alfred Bester's 1959s short story "The Men Who Murdered Mohammed" - which is not nearly as inflammatory as it sounds.

Many of these stories can, with some work, be ordered through well connected libraries. I plan to try a few.

Yahoo kills Delicious - don't say you weren't warned about the Cloud

Not surprising ...

Michael Tsai - Blog - Yahoo Shuts Down Delicious:

Delicious was a good service, and I’m sorry to see all the data and metadata that people have entered go away

Some fear Flickr is next - like Digital Railroad. I wrote about Yahoo's likely use of Flickr in 2008.

Don't say I didn't warn you.

I don't put anything "in the Cloud" I can't walk away from. One reason I use Simplenote is that I have completely usable and completely current local copies of all data. If they go away tomorrow I can switch to an alternative in minutes.

Google deserves credit for supporting "data freedom" -- which is the only thing that can make the Cloud tolerable. Most recently the data liberation front gave OS X users an easy way to download entire online albums.  Google has a spotty data history, but I give them credit for their data freedom team.


Alta Vista RIP

In the 90s I taught physicians how to use the Internet. It gave me an excuse to attend Society of Teachers of Family Medicine and American Academy of Family Practice conferences. I didn't use PowerPoint, my "slides" were a set of web pages shared between different frames, like a slide on Digital's Alta Vista Search Engine:

[Screenshot of the Alta Vista slide]

In 1997 I wrote a series of tips on using Alta Vista like ...

+noir +film -"pinot noir"

Matches may be required, or prohibited. Precede a required word or phrase with + and a prohibited one with -. This query finds documents containing film and noir, but not containing pinot noir.

By 1999 though I was writing ...

There are about 800 million web pages that are publicly accessible (Feb. 1999 [1]). This excludes, for example, the New York Times and the Encyclopedia Britannica! These are the pages that a search engine can find for you.

Until 1999 the best search engine was AltaVista. It had about the widest coverage (16% [1],[2]), very good performance, and a powerful but slightly complex search language. When AltaVista failed, Profusion was a great way to try every other useful search engine.

Then came Google, and everybody else became history.

This document introduces Google, and talks about how to use AltaVista and Profusion on those occasions that Google doesn't succeed.

Google crushed Alta Vista in the mid 90s. After that things went downhill - for Digital (acquired by short lived Compaq) as well as Alta Vista. I remember a strange project in the twilight years, a Snow Crash/Neuromancer inspired Alta Vista virtual office tower for business in cyberspace. I had an address there. It was kind of silly.

Even in the twilight years though, Alta Vista had a good translation service. I missed Alta Vista's "near" operator, even though Google searches were much better (Google now has it).

Eventually Yahoo bought the remnants of Alta Vista, probably for the patents and the remnant traffic. Today Yahoo shuttered Alta Vista.

RIP Alta Vista. Historians will forget there was anything before Google. The truth is Alta Vista was pretty good, and if Google had never existed the web might have been much the same.

Tuesday, December 14, 2010

Gawker was hacked yesterday. Today LinkedIn?

Yesterday we learned Gawker was hacked. I got this message today ...

We have recently disabled your account for security reasons. To reset your password, follow these quick steps:
....
The LinkedIn Team

My LinkedIn password was not the same as the disposable Gawker password. It wasn't an ultra secure 64 character random string, but it was a 5th percentile good quality password, one of my class III credentials. It wouldn't fall to a standard attack.

So was LinkedIn hacked? Is this a false alarm? Are they being extra cautious after the Gawker hack?

There's another possibility. Since my Gmail account was hacked I don't enter my Google credentials on untrusted machines. Practically speaking, that means only OS X machines I control. Since that day I divide my credentials into five classes.

  • I: You want it? Take it.
  • II: I'd rather you didn't.
  • III: Help!! Help!!
  • IV: I'll fight you for it.
  • V: Kreegah bundolo! Kill!!

Category IV and V credentials are only used on trusted machines. Category I is used everywhere. Category II and III I'll use on my work machine -- an XP box with corporate class antiviral software. In other words, a vulnerable machine.

The fourth possibility is that one of my Category III credentials has fallen to a keystroke logger on my corporate laptop.

Yech.

I've reset my LinkedIn password (and reviewed the list of reset emails), and, on reflection, I've moved those credentials into "Class IV". So I won't use those credentials on an untrusted machine.

What's next?


Update 12/14/10: LinkedIn wasn't hacked, unless you consider that they've hacked themselves. They'd matched every email address posted by the Gawker hackers, and reset the passwords associated with them. They explain that today (emphases mine) ...

We recently sent you a message stating that your LinkedIn password had been disabled for security reasons. (Note: If you have more than one email registered with us, you will receive more than one password reset message. You only need to act on one of them.)

This was in response to a security breach on a different site, Gawker.com, where a number of usernames and passwords were exposed. We want to make sure those leaked emails and passwords were not being used to attack any LinkedIn members.

There is no indication that your LinkedIn account has been affected, but since it shares an email with the compromised Gawker accounts, we decided to ensure its safety by asking you to reset its password ...

They would have done better to explain that yesterday. What a screw up.
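The response LinkedIn describes above (match the leaked email addresses against your own accounts, force a reset, and give the reason in the first message) sketched as an added example. This is not LinkedIn's code: the account model, the field names, the choice of the first registered address as the contact address, and the sample addresses are all constructed assumptions.

```python
"""Breach-response sketch: force a password reset for every account whose
email address appears in a third-party leak, and explain why up front."""
from dataclasses import dataclass, field


@dataclass
class Account:
    user_id: int
    emails: list                      # every address registered to the account
    reset_required: bool = False
    handled_breaches: set = field(default_factory=set)


def normalize(email):
    """Trim and case-fold so 'Bob@Example.com ' matches 'bob@example.com'."""
    return email.strip().lower()


def plan_resets(accounts, leaked_emails, breach_source):
    """Flag affected accounts and return ONE notice per account.

    An account with several registered addresses gets a single message, and a
    second run for the same breach sends nothing, so users are not left
    guessing which of several reset mails to act on.
    """
    leaked = {normalize(e) for e in leaked_emails if "@" in e}
    notices = []
    for acct in accounts:
        matched = sorted({normalize(e) for e in acct.emails} & leaked)
        if not matched or breach_source in acct.handled_breaches:
            continue
        acct.reset_required = True
        acct.handled_breaches.add(breach_source)
        notices.append({
            "user_id": acct.user_id,
            "matched": matched,
            # Assumption: the first registered address is the primary one.
            "send_to": normalize(acct.emails[0]),
            "body": (
                f"Email addresses and passwords from a breach at {breach_source} "
                "were published. There is no indication that your account here "
                "was accessed, but an address registered to it appears in that "
                "data, so we have disabled your password. Please choose a new "
                "one that you do not use on any other site."
            ),
        })
    return notices


def demo():
    """Run the plan twice over constructed sample data."""
    accounts = [
        Account(1, ["alice@example.com", "Alice.Work@Example.org"]),
        Account(2, ["bob@example.net"]),
        Account(3, ["carol@example.com"]),
    ]
    # Constructed leak list: mixed case, stray whitespace, one junk line.
    leak = ["ALICE@example.com ", "alice.work@example.org",
            "carol@example.com", "nobody@example.com", "not-an-address"]
    first = plan_resets(accounts, leak, "Gawker.com")
    second = plan_resets(accounts, leak, "Gawker.com")   # re-run: no repeats
    return first, second, accounts


if __name__ == "__main__":
    first, second, _ = demo()
    for notice in first:
        print(notice["user_id"], notice["send_to"], notice["matched"])
    print("notices on second run:", len(second))
```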

Monday, December 13, 2010

The Gawker hack - and two factor authentication

I got my email from Gawker today

... the user name and password associated with your comment account were released on the internet...

Gawker was hacked - big time. Forbes has the gory details ...

The Real Lessons Of Gawker’s Security Mess - The Firewall - the world of security - Forbes

... Despite this, they do not really seem to be acknowledging the scale of what happened. They still try to put some blame back on users, suggesting that if they had a weak password they might be compromised. Well, that really does not make much of a difference when you expose the entire database table and have way too much faith in the 34 year old encryption algorithm reported to be used to safeguard the data...

Briefly, I take security far more seriously than Team Gawker. They were a big fat soft target.

I don't remember creating a Gawker account - I probably created it on io9 originally. I'm sure I used my throwaway password (still far more robust than most). I have retired that password, but it will now be a part of a future dictionary attack. I need to check that Emily doesn't use it any more either.

In the wake of these events there are typically calls to "use strong passwords". Except, of course, if the server side password store encryption is hacked then even the world's best password is useless. And, of course, there are keystroke loggers out there.

This is what I do now, but, really, we need two factor authentication urgently.

I did go through Gawker's password reset procedure, which seems to have given me a new username and password. There's no way currently to get to their accounts page so I'll just leave it as it is.

Update 12/14/10: This Lifehacker (Gawker) article on lessons learned from a hacked google account is quite ironic now. They didn't learn any lessons.

There've been two good commentaries today ...

The snowy 70s and nordic skiing

I came of age in Montreal in the 70s. It was a snowy time, and, not coincidentally, Cross Country (Nordic) skiing was relatively popular. There were cross country resorts as far south as mid-Pennsylvania.

Then came the 80s. The snows went away, the resorts closed, and cross country skiing declined. When global warming became obvious in the late 90s I figured that was the end of my favorite sport.

Now some are wondering if the 70s are back ...

Snow storm snarls Midwest: Is US facing another extreme winter? - CSMonitor.com

.... Scientists at the University of Wisconsin in Madison are among those trying to understand the mysterious interplay between Pacific and North Atlantic weather phenomena that threaten to dunk the Eastern US into a second year in a row of 1970s-style blizzards and cold snaps...

... Scientists speculate that heat released from storms racing up the US East Coast toward the Labrador Sea may be feeding the so-called North Atlantic Oscillation – nicknamed "The Greenland Block" – in ways that are not yet understood. The region of high pressure over Greenland has pushed huge troughs of Canadian air into the US, causing the fifth biggest snow storm on record in Minneapolis over the weekend and now threatening Orlando, Fla., with 20 degree F temperatures.

The atmospheric upset has had the opposite effect on parts of the West, where cities like Long Beach, Calif., and Phoenix saw record high temperatures Monday...

So now I know why my childhood was snowy. It's news to me. I found a bit more about it in this Feb 2011 article inspired by DC snow ...

The North Atlantic Oscillation, a mid-oceanic pressure system, has some distinct internal variability, but generally it alternates between roughly 25-year-periods of warm, then cold, temperatures. During the previous cold phase, which lasted from about 1960 to 1985, there were major winter storms in the Washington, D.C., area every couple of years — big snow storms hampered John F. Kennedy's inauguration in 1961 and a week of sub-zero temperatures chilled many people attending Ronald Reagan's second inauguration. Like the current storm, these storms dumped lots of snow: A 1979 storm dropped 18.7 inches and a 1983 storm dropped 16.6 inches. The storm that struck the capital region in December 2009 also dumped 16.6 inches of snow in D.C.

Those biggies of the past were usually also associated with El Niño, like this year. The North Atlantic Oscillation brings colder weather; the El Niño, which arises out of an unusually warm equatorial Pacific Ocean and occurs roughly every two to seven years, brings moisture to the Mid-Atlantic...

From my selfish point of view, snowy winters are excellent. Even with global warming Minnesota is cold enough for winter snow -- we're just too dry. These past two years we've gotten the moisture we need.

Maybe cross country skiing will make a bit of a comeback, even if the long term outlook is a bit bleak.

 

Sunday, December 12, 2010

Obama's rant explained

Last week Obama blew up at Krugman.

Oh, sure, he was supposed to be attacking annoying liberal idealists (i.e. his supporters), but we all know it's Krugman who gets under his skin. Barack was beating on Paul.

What we didn't know was why.

Now we know ...

Smoking in D.C.: Obama, Boehner and the Surgeon General’s Report - Health Blog - WSJ

... I have not seen or witnessed evidence of any smoking in probably nine months,’ Gibbs said, continuing:

This is not something that he’s proud of. He knows that it’s not good for him. He doesn’t like children to know about it, obviously, including his. But I think he has worked extremely hard, and I think he would tell you even when in the midst of a tax agreement and a START deal and all the other things that accumulate, even where he might have once found some comfort in that, he’s pushed it away...

...Meantime, Speaker-of-the-House-to-be John Boehner is apparently not trying to kick his own habit. Politico also reports that he was seen smoking in a public area of the Capitol, which would be in violation of a House rule. (Boehner’s office declined comment to Politico.)"

Nicotine withdrawal is famously vicious for true addicts, and Barack has been wearing a big monkey. Going off the hard stuff is gonna lead to a crazed rant or two.

So give the guy a break. He's trying. I wouldn't be surprised if this is something he wants to give his kids for Christmas.

Meanwhile Boehner is every bit the ass we know he is. Of course in his own way he's probably reinforcing Barack's resolve...

Thursday, December 09, 2010

Terry Pratchett on fading from dementia

Via Pharyngula, I find Terry Pratchett has written an article for the Journal of Mental Health. His goal is to make dementia something we can actually talk about, as a start to doing something about it.

Informa Healthcare - Journal of Mental Health - 19(4):363 - Full Text

.... have posterior cortical atrophy or PCA. They say, rather ingenuously, that if you have Alzheimer's it's the best form of Alzheimer's to have. This is a moot point, but what it does do, while gradually robbing you of memory, visual acuity and other things you didn't know you had until you miss them, is leave you more or less as fluent and coherent as you always have been.

I spoke to a fellow sufferer recently (or as I prefer to say, ‘a person who is thoroughly annoyed with the fact they have dementia’) who talked in the tones of a university lecturer and in every respect was quite capable of taking part in an animated conversation. Nevertheless, he could not see the teacup in front of him. His eyes knew that the cup was there; his brain was not passing along the information. This disease slips you away a little bit at a time and lets you watch it happen...

I suspect Pratchett knows it's likely too late for him, but this is something he can do (he also donated $1 million, he's an honorably rich man).

I've read over 45 of Pratchett's books, he's written 47. I think I've missed one or two of his very earliest, before he was famous. If this were a just world, he'd be considered for the literature Nobel. It's not too late.

Pratchett writes "fantasy" for the same reason Banks writes science fiction. It's a way to write about subjects too big for conventional literature. Yes, he also likes to entertain.

Wikipedia has a full list of his Discworld novels. You can start just about anywhere, though the later novels do expect that you've at least read the Discworld Wikipedia page. My favorites are between 1990 and 1998. Small Gods (1992) and Carpe Jugulum are a good pair, and this time of year Hogfather is a family favorite. All of the books are available through the St. Paul public library, and we own about a dozen or so. They are well worth rereading.

Information leakage in the digital age

Forget WikiLeaks [1].

I use my iPhone to record voice snippets. Ideas, plans, thoughts and so on.

When I sync my iPhone they go to the iTunes Library.

When my son uses his iPhone remote he broadcasts my voice recordings over the home stereo.

Fortunately they've been quite benign.

[1] Ok. Schneier has the best commentary. Cringely points out that Assange would never leak Israeli secrets because he'd then die.

Tuesday, December 07, 2010

Why did medical progress slow after 1984?

From 1910 to 1984 medical progress was extremely swift. After 1984, not so much. As I wrote in 1998 ...

Gordon's Notes: Challenges to medicine and science – medication invention hits a brick wall

... I can vouch for the lack of progress. I’m wrapping up a review of roughly the last 7 years of changes in medical practice.

To put it delicately, progress has sucked. If you put a good physician to sleep 7 years ago, and woke her up today, she’d be reasonably competent on day one. A week later she’d be fully up to speed.

My med review conclusions are:

  • Lots of new combinations of old drugs, maybe due to co-pay schemes. Many new drugs have suicidal ideation as a side-effect.
  • Lots of failed immune related drugs re-purposed with limited focal impact on a few disorders. Probably some improvements in seizure meds.
  • Lots of new Parkinson’s and diabetes meds, but they’ve had limited value. (metformin was a home run, but that was more than 7 years ago).
  • Really lousy progress in antibiotics; there are fewer useful therapies now than 7 years ago. Actually, fewer every year...

Twenty-five years ago it was reasonable to criticize physicians for failing to keep up with a rapidly expanding medical literature. I used to lecture on that topic in residency and beyond, teaching "Grateful Med" [1] use with MEDLINE [2] before the internet went public.

By 1992 though I was getting suspicious. Many exciting journal findings were being reversed within 2-3 years. I planned out a small research study, looking at ten year success measures for novel therapeutic recommendations published in leading journals.

I never did that study; instead I moved from academia to industry. Later John Ioannidis did something similar [3]. Writing in 2010, he demonstrates that modern medical progress is slow with many reversals and lateral moves. The era of rapid progress in medicine is over.

Some of the consequences of slow progress are obvious. Nobody in 1984 would have predicted that by 2010 we still wouldn't be able to cure or prevent multiple sclerosis, rheumatoid arthritis, Alzheimer's disease, or diabetes mellitus. Even as recently as 2000, nobody would imagine the near total failure of clinical genomics. Such negativity would have been considered irrational pessimism.

Other consequences are less obvious. True innovation produces bigger results for less effort. In the absence of innovation there's only raw effort. That translates to more money spent on health care to achieve smaller results. Without genuine innovation, health care cost control is exquisitely painful.

So why has medical progress slowed so much?

One can imagine a lot of cultural explanations, but it's not just US health care innovation that slowed. It slowed everywhere.

I suspect it's more like what happened to aeronautical or automotive engineering or cars or, with the death of Moore's Law, CPUs. The period of medical progress from 1910 to 1984 was an anomaly, an explosive renaissance arising from a "perfect storm" of emerging technologies and cultural receptivity. It was wonderful, but it's been over for a while. The gasoline engine gets a little better every year, and so does medicine.

One day there will be another renaissance in medicine. We just can't predict when.

There's a silver lining of course. Physicians needn't feel guilty about not keeping up with the literature.


-- footnotes

[1] A terrific DOS and Mac Classic app, named by a terrific National Library of Medicine project leader who was also a Grateful Dead fan. It was the successor to today's PubMed, but I think it was, in several ways, better than PubMed. Grateful Med was a graphical shell over a terminal interface; in 1996 Internet Grateful Med took over. The 1993 version was the best though.

[2] I am just entropic enough to remember the vast shelves of paper-bound "Index Medicus"; dozens of yards of books listing research publications.

[3] Thinking is easy. Doing is hard.

Sunday, December 05, 2010

If Google acquires Groupon they're absolutely insane

There's a rumor that Google is going to acquire Groupon for a zillion dollars.

I signed up to see what it was about. Naturally I used my mail.yahoo.com junk email address - a disposable digital identity. (If it ever annoys me too much, I will destroy it and create a new Yahoo persona.)

Groupon is a service that sends you spam. You can't opt out of the spam. Oh, and you can never leave. There's no obvious way to delete a Groupon account.

If Google buys Groupon then I will begin disentangling my data from Google. It will be an incontrovertible sign that they've gone off the rails.

Why you will live in an iOS world

Five years ago, just before Microsoft Vista was released, our household CIO made a strategic decision. We would move to OS X.

It wasn't a hard decision. The cost of supporting both XP and OS X was too high, XP's security, debugging and maintenance issues were intractable, and OS X had a much more interesting software marketplace. Moving to OS X would dramatically reduce our cost of ownership, which was primarily the CIO's opportunity cost. Time spent managing XP meant less time spent on my health and on family joys and obligations. [6]

It worked beautifully. One of my best strategic decisions. Yes, I curse Apple with the best of them, but I know the alternatives. I'm not going anywhere.

Except I am going somewhere. I will fade. So will you, though there's a bit more hope for the under-30 crowd. We might be able to slow the natural deterioration of the human brain (aka "Alzheimer's" and its relatives [4]) by 2030. It's too late for the boomers though, and probably too late for Gen X.

Sure, I'm still the silverback of the geek tribe. I may have lost a step, but between experience and Google I still crush the tough ones with a single blow.

Not for long though. I give myself ten years at most. I won't be able to manage something like OS X version 20, and I don't want to be reliant on my geek inheritor - son #2.

We will need to simplify. In particular, we'll need to simplify our tech infrastructure (and our finances [1] and online identities [7] too).

So our next migration will be to iOS - a closed, curated, hard target, simpler world.

You'll be going there too -- even if you're not fading (yet). The weight of the Boomers [2] will shift the market to Apple's iOS and its emerging equivalents. Equivalents like ChromeOS, now turning into iOS for desktop devices with its own App Store [5].

I still have a few years of OS X left, including, if all goes well, the 11" MacBook Air I've been studying. The household CIO's job, however, is to think strategically. Our future household acquisitions will shift more and more to iOS devices, possibly starting with iPad 2.0 (2011) [3].

I expect by 2018 we'll be living in a largely iOS-equivalent world, and so will you.

-- footnotes

[1] I miss Quicken 1996 -- before Intuit went to the DarkSeid.
[2] The 2016 remake of Logan's Run will be a smash hit. 
[3] I bought iPad 1.0 for my 80yo mother -- same reasons.
[4] 1989 was when the National Institutes of Health needed to launch a "Manhattan Project" style dementia-management program. I wasn't the only person to say this at the time. 
[5] If their first netbook device doesn't come in under $150 with batteries Google is in deep trouble. Android is not an iOS-equivalent, it's a lot more like XP. 
[6] Pogue's 10 year tech retrospective is a beautiful summary of the costs of making the wrong household tech decisions. He misses the key point though. The real costs are not the purchase costs, or the immense amount of failed invention, or the landfill costs -- it's the opportunity costs of all the time lost to tech churn. I've a hunch this opportunity cost is important to understanding what happened to the world economy between 1994 and 2010. That's another post though!
[7] Digital identities proliferate like weeds. Do you know where all your identities are?

Saturday, December 04, 2010

Cheating in education

A mercenary academic writes essays for students. It's an interesting story, though since the author is essentially a con man I don't have a lot of confidence in the details.

I was impressed by how much the students pay for their essays. For many of these people that's a lot of money.

I was also impressed by the blackmail potential. These students are putting a lot of trust in a shady character. "Ed Dante" knows their names, and has proof of services delivered. If I were paying him, I'd use a pseudonym.

Otherwise, it doesn't seem like a terribly worrisome problem, there are many other ways to evaluate students that are less amenable to fraud. If teachers don't use them, it may be that the fraud works for them too.