What is the meaning of LinkedIn?

Thanks to John Biggs for inspiring this piece; I cosign most of what he says here. I have long been mystified by LinkedIn, because of its spectacular uselessness (for me) as a professional social network. But I also assumed it was useful for someone. Now, though, I’m beginning to wonder if the emperor is naked after all, and LinkedIn is purely a fantasy social network for people cosplaying that game called success. Let me hasten to stress that LinkedIn isn’t useless full stop. It’s a very good CV repository, and, I am given to understand, a very good recruiting site. (And per Biggs’s post, about as good a content site as most recruiting sites, which is to say, bad.) But it’s supposed to be much more than just a fancied-up Hired or Indeed, right? It’s supposed to be “the professional social network.” So I’ve long been baffled: why

Optimistic

I spent TechCrunch’s latest Disrupt extravaganza asking questions of various notables onstage, and what struck me most was how fantastically optimistic they were. To pick two examples: Kai-Fu Lee talked about preparing for a world of mass plenitude and abundance 30-50 years from now; Dario Gil waxed enthusiastic about quantum computers simulating life-changing new materials and pharmaceuticals, transforming everyone’s lives for the better. And then I turned around and returned to the world of hair-trigger outrage, condemnation, consternation, pessimism, gloom and impending apocalypse; which is to say, America and social media, where it sometimes seems an encouraging word is rarely heard without being promptly drowned out by a dozen angry doomsayers prophesying rains of fire and blood. Surely the truth is somewhere in between; surely any rational assessment of the future must include a mixture of both optimism and pessimism. So why do those seem like two entirely separate modes

Burning Man: sympathy for the turnkey devil

The most interesting thing about Burning Man, says me, is that it’s a testbed for a post-scarcity society. The irony of course is that such a testbed requires enormous amounts of money and resources, in a highly hostile and inaccessible environment. That’s how far you have to go to get away from the monetary / scarcity hierarchies of our world. It’s a lot of other things, of course — the world’s biggest, craziest, and most spectacular party, a huge EDM festival, a massive outdoor art gallery (both ephemeral and permanent — museum curators go out there to inspect the work with an eye towards adding to their collections), an experimental community, a secular pagan ritual, a set & setting for psychedelics, a holiday / reunion with one’s friends, etcetera etcetera. Amusingly it is widely misunderstood as a hippie event, when its flamethrowers:guitars ratio is roughly 100:1 and its mottos include

Hating the wrong tech people for the right reasons

The slings and arrows aimed at tech’s titans these days are almost too numerous to count. Jeff Bezos: squandering money on space while exploiting warehouse employees. Mark Zuckerberg: complicit in everything from genocide to the death of democracy. Larry Page and Sergey Brin: in bed with China and the military. Elon Musk: where even to begin? Tim Cook has mostly escaped the brickbats, but if Steve Jobs were still with us, it seems plausible he’d be the biggest target of all. And the list goes on from there, of course. Let’s not kid ourselves: a lot of this criticism is warranted. Amazon should treat its warehouse workers better. Facebook should have seen the new form of information warfare coming from further away, recognized it when it was happening, and responded much faster and more decisively. Google shouldn’t have come as close as it did to implementing Project Maven. Tesla should

What the hell is the deal with Tether?

It was a simple concept: a cryptocurrency whose units were always and constantly worth exactly one dollar, because they were backed by dollars held in a bank. Voila: dollars with the powers of crypto, such as the ability to quickly and permissionlessly transfer an arbitrary amount … and, er, a certain lack of pesky regulations. Now there are $2.7 billion worth of Tether in circulation, and they are anything but simple. (Euro Tether also exist but they’re a rounding error.) Who created Tether? The same people behind the exchange BitFinex, with whom Tether shares a CEO, a CFO, and (until recently) a Chief Strategy Officer. That much we can be fairly confident about. But everything else about this money is shrouded in a deep fog of mystery tinged with misconduct. Who buys Tether? It’s hard to say; you can trade USD for them at a couple

Nobody minding the store: security in the age of the lowest bidder

So, to recap: Satellite communication systems worldwide are “protected” by easily cracked hard-coded passwords. The private internet connecting the world’s mobile phone operators remains replete with vulnerabilities. Russia has successfully hacked into American power-plant control systems. Oh, and voting machines in use in 18 states can be remotely hijacked.

Do you see a theme here? We assume that everything is fine, that the world in which we live rests on solid foundations, that competent grown-ups are in charge of the fundamental infrastructure on which our society rests, which have been constructed as fault-tolerant, resilient systems. We


Voatz: a tale of a terrible, horrible, no-good, very bad idea

Let’s get the fish in the barrel out of the way. Voatz are a tech startup whose bright idea was to disrupt democracy by having people vote on their phone, and store the votes on, you guessed it, a blockchain. Does this sound like a bad idea? Welp. It turned out that they seemed awfully casual about basic principles of software security, such as not hard-coding your AWS credentials. It turned out that their blockchain was an eight-node Hyperledger install, i.e. one phenomenologically not especially distinguishable from databases secured by passwords. They have been widely and justly chastised for these things. But they aren’t what’s important. To their credit, their system is opt-in, and apparently generates real-time voter-verified paper ballots, the single most important thing about any voting system. But still. We need to step back and ask a question here: why are we trying to vote

Hackers on new “secure” phone networks can bill your account for their roaming charges

I have good news! The infamous SS7 networks used by mobile operators to interoperate, e.g. when you’re roaming — which were built on trust, essentially devoid of security, and permitted rampant fraud, SMS hijacking, eavesdropping, password theft, etc. — are being replaced. Slowly. But I have bad news, too! Which is: the new systems still have gaping holes. One such was described at the Def Con hacking convention today by Dr. Silke Holtmanns of Nokia Bell Labs. She gave a fascinating-to-geeks-like-me summary of how the IPX network which connected five Scandinavian phone systems in 1991, using the SS7 protocol suite secured entirely by mutual trust, has grown into a massive global “private Internet” connecting more than two thousand companies and other entities. It is this private network-of-networks which lets you fly to another country and use your phone there, among many other services. The quote which stood out

Cryptocurrency insecurity: IOTA, BCash and too many more

Cryptocurrencies: a weird agglomerate of fascinating technology built by brilliant engineers; a whole new and potentially important form of economics; … and hype-machine puffed-up crazy-talk nonsense. So, as you might expect, they also combine state-of-the-art resilient engineering and comical clown-car so-called security. Yes, that’s right — I want to talk about IOTA, and (to an extent) Bitcoin Cash. Modern security practices include: an understanding of and commitment to responsible disclosure; making yourself available and accessible to third-party security researchers; offering bug bounties; fuzzing your code; etcetera. They also include valuable truisms such as “don’t roll your own crypto.” Here that’s crypto as in cryptography, and it means, always always always use tried and time-tested cryptographic algorithms and implementations. Do not try to build your own from scratch. You will regret it. IOTA, currently the world’s tenth most valuable cryptocurrency, took an … assertively contrarian stance

Everything is … less terrible

To hack: to study a system’s flaws and emergent properties, and use them for your own ends; to instil your own instructions into a computer’s memory, and coerce its microprocessor to run them. To pick at the air gaps and missed stitches in the many overlapping layers of software from which our modern world is woven. Et voilà, an entire industry, employing countless thousands. Information Security a.k.a. infosec. It is said that there are four PR people for every journalist in America, which seems high, but I expect the ratio of infosec people to actual hackers is higher yet, even if you count the proverbial script kiddies. For a long time it was where the counterculture techies went, the curmudgeons, the renegades, in black boots and leather and tattoos and colored hair. By no coincidence they also tended to include many of the smartest ones. (I’m a

Hack the planet: vulnerabilities unearthed in satellite systems used around the globe

So this is bad. Black Hat, the king of enterprise security conventions, kicked off today, and most noticeable amid the fusillade of security research was some impressive work from Ruben Santamarta of IOActive, whose team has unearthed worrying vulnerabilities in satellite communication systems, aka SATCOM, used by airplanes, ships and military units worldwide. Now, it’s not catastrophically bad: In particular, while attackers could mess with or disable your in-flight Wi-Fi, conceivably try to hack into devices connected to them and/or disable all in-flight satellite comms, they couldn’t actually affect any systems that control the airplane. The bigger worries are in the military or maritime spheres, because these are remote vulnerabilities — anyone on the internet can hack into a connected vulnerable SATCOM device. Which is to say, presumably most of them, since communication is their whole reason for being. In the former case, in addition to the risk of attackers

Who do you trust?

Another week, another high-profile hack. This week it was (checks notes) Reddit. What makes this one marginally more interesting is that the victims were using two-factor authentication, i.e. SMS codes texted to them to verify their identities when their accounts were accessed — which turned out to be little more than a speed bump for the attackers. This surprised exactly zero (good) security people. It has long been known that your phone service can be hacked either via SS7, the ancient and insecure system used to interconnect the planet’s phone networks, or by the more old-fashioned but even more effective method of walking into a store and talking a callow undertrained clerk into transferring your number to the attacker’s phone. Phone companies are trying to remediate both of these attack vectors, but you can’t trust them to protect you; not yet, and possibly not ever. But you have to

Branded Worlds: how technology recentralized entertainment

I love Hollywood box-office numbers because they provide a hard statistical view of cultural currents. Did you know, for instance, that there had never been a weekend when 8 of the top 10 movies in America were sequels — until this month? Or that, while almost 400 movies were released in the first half of 2018, nearly 40% of their total accumulated revenue came from just four releases, all of which were superhero sequels? This is not what was supposed to happen. Ten years ago people thought that visual storytelling would be democratized; that new cameras, new editing suites, cheap streaming, and BitTorrent would combine to render high-cost obsolete-infrastructure Hollywood irrelevant. A worldwide cohort of genius independent filmmakers would use this new generation of accessible tools to slowly supplant Hollywood studios and producers as the drivers of visual and narrative culture. Hoo boy, did that ever not happen. Instead we

Information wants to be siloed

Data, they say, is the new oil, and open public data is the new commons. Give the people the facts, and they will use them to make informed decisions. Right? Except that’s not the bureaucratic instinct. Bureaucrats fear the free flow of information. And all too often they’ll try to quench it by intoning the magic word “security,” and if that doesn’t work, “terrorism!”, in the most idiotic ways and places possible. This is a wide and general rule: whenever some tinpot official says something painfully dumb has to be done Because Security, the odds are better than even that they’re lazy, lying, and/or incompetent. (Think of this every time e.g. your work password expires and you’re required to change it.) There are so many specific examples that it’s hard to choose just one — but, conveniently, recently an old friend of mine stumbled

Liberty, equality, technology: France is finally poised to become a tech power

Once America had an unassailable advantage, an economic flywheel that spun off innovation and Fortune 500 companies like a perpetual-motion machine. Bring in the best, brightest, and most driven from around the world; educate them or their children at its universities; then watch them start companies, succeed wildly, give back to their alma maters, and recruit new talent as the virtuous cycle began again. It hardly mattered whether these immigrants came in as students (think Satya Nadella, Sundar Pichai, and Steve Jobs’ father Abdul Fattah Jandali) or with their families (Sergey Brin and Jerry Yang) or as refugees (eg Alexis Ohanian’s father’s family) or as undocumented immigrants (eg Ohanian’s mother.) Meanwhile, the UK, thanks to its Commonwealth connections and universities like Oxbridge and Imperial College, did much the same on a smaller scale. It was a self-sustaining wealth-generation and nation-strengthening machine of gigantic proportions, and it would take

Zcash: life on the crypto roller coaster

Suppressed in Japan. Championed in New York. Accused of betraying the billion-dollar community he created with an arcane and byzantine ritual, while accidentally solving — maybe — a transnational clandestine mining mystery. All this while leading the rollout of some of the world’s most cutting-edge cryptographic technology into production. It’s been an interesting six months for Zooko Wilcox, cryptographer, engineer, and CEO / driving force behind Zcash, one of the world’s most valuable, technically interesting, and politically fraught cryptocurrencies. Thoughtful, soft-spoken, quick to laugh, and eager to see all sides of every issue, he doesn’t seem like a man to inspire bans and rancor. But that’s the crypto world for you, these days. When it comes to Zcash, “crypto” means both “cryptocurrency” and “cryptography,” for once. It is essentially a fork of Bitcoin which uses a mindbending branch of mathematics known as “zero-knowledge proofs” (which I’ve been writing about

The techlash

People hate hubris and hypocrisy more than they hate evil, which is, I think, why we’re seeing the beginnings of a bipartisan cultural backlash against the tech industry. A backlash which is wrongly conceived and wrongly targeted … but not entirely unfounded. It’s hard to shake the sense that, as an industry, we are currently abdicating some of our collective responsibility to the world.

I don’t want to overstate the case. The tech industry remained the single most trusted entity in America as recently as last year, according to the Edelman Trust Barometer. Jeff


The piggyback problem

I wanted to write about scooter startups this week, but, alas, I failed to care enough about them to muster any opinion at all. The problem is that they are pure piggyback startups, and pure piggyback startups are boring because they have no chance of being genuinely transformative. Let me explain. Many, or even most, successful tech startups / movements succeed because they manage to piggyback on existing infrastructure. This is so painfully obvious it’s almost a truism, where the infrastructure is “the Internet” or “smartphones” — but there are other kinds, too. In its early days, Amazon was a pure piggyback startup, relying on UPS/FedEx/postal infrastructure. Similarly, the scooter startups are obviously reliant on existing city infrastructure. Hollywood movies follow a three-act structure, and so do transformative tech startups and movements. Act I almost always consists of piggybacking on pre-existing infrastructure. In Act II, they build / evolve their

Whither VR/AR?

“Despite many pronouncements that 2016 was the year of VR, a more apt word for virtual reality might be absence,” The Economist observed caustically last summer, noting that during that year forecasts of combined sales of VR hardware and software dropped from $5.1bn to $3.6bn to the harsh reality of $1.8bn. But hey, one rough holiday season does not an industry make, right? Surely in 2017 things began to — — oh. “Shock Stat: In 2017, VR Headset Shipments For Most Top Brands Went DOWN Compared To 2016.” So much for the many predictions that VR headset shipments would grow exponentially for years. Crow appears to be the appetizer for nearly every industry dinner these days. But that was before the Oculus Go, right? Except … the Go seems to have sold at most a quarter of a million units in its first few

Pornography and the butterfly effect

“Whatever happens to musicians happens to everybody,” said Bruce Sterling years ago, referring to the effects of free downloadable music on their industry; and so it has come to pass for pornographers, as depicted by the great Jon Ronson in his equal parts charming and spellbinding podcast series “The Butterfly Effect.” Pornography, however, is much weirder than music, both as concept and as industry; and so, unsurprisingly, the emergent properties of the overturning of the porn industry are much weirder too, and the full extent of their ripple effects has yet to be measured. It’s at least plausible that the latest salvos in our intensifying culture wars, the subjects of “incels” and “enforced monogamy,” stem from touchpaper lit long ago by the butterfly in Ronson’s story. That story seems simple in outline. A Belgian named Fabian starts trading in passwords to porn sites in the 1990s. Next decade,