Friday, February 23, 2007

7 Basic Business Adventure Goodies

1 Empower by investing in people's futures.
2 Reality is negotiable.
3 Aliens attract attention but trust decreases later.
4 What's your game is hotter than what's my game.
5 Patience is a compassionate business skill and vice versa.
6 Business is bold - powerful - peaceful - inspiring and all the intoxication needed.
7 Enough is enough.

Semco, A company of self-managing teams

"Ricardo Semler’s employees set their hours, determine their salaries and choose their bosses. Meet the Brazilian businessman who does everything differently..."
http://www.odemagazine.com/article.php?aID=4390

He came into his daddy's company "demanded that Semco steer away from its activities as a shipbuilding supplier and abandon autocratic management in favour of decentralization... On his first day as director, Ricardo Semler fired 60 percent of senior management and began laying the foundation for a democratic organization."

"Semco now has 3,000 staffers (with very little turnover) and is growing 20 to 30 percent a year, with annual sales of $212 million U.S. [190 million euros] in 2003.
Semco’s radical policies do have a downside. Demand from outsiders wanting to visit its offices is so heavy that employees have complained of feeling like exotic attractions at a zoo. But that seems a small price to pay for such runaway success."

"Why are so few companies in the world run like Semco?
Ricardo Semler: “Because managers are afraid to lose power and control.”

"Ricardo Semler’s tips for democratic management
• Do away with bureaucracy, which creates a sense of false security.
• Let employees determine everything themselves: their salaries, their working hours, their managers.
• Let go of control to stimulate creativity.
• Strip away special treatment for managers—no parking space or secretary, not even their own desk.
• Continually question whether what appears to be self-evident is actually good for the company.
• Regularly take a break from work when you are unreachable for a period of time.
• Read classic literature instead of management books.
• Remember that leadership has nothing to do with hierarchy, because everyone can develop leadership skills."

Richardo has published a couple of best selling books. Beware when you go to the following site, as the page loads it plays loud repetitive music you may wish to turn off your speakers:

http://semco.locaweb.com.br/

Check out the Semco Management Model section of this Flash site (2007).

How Much Do Leaders Unstated Prejudices Influence Others Actions?

I wonder how much leaders unstated prejudices influence the actions of others, almost like a net of doubt, when it comes to such controversial things as gender and race 'differences'.

Here is an example I observed in my life --
Educated at the UW Architecture dept, my mom was a planner throughout Alaska. Eventually she not only was a senior land planner for the largest private corporate land owner in the world, but also an energy planner for the state. She acquired funding for multi-million dollar projects through her grantsmanship.

Yet, she was required by her male employers to serve them coffee in meetings. At home at night those memories regularly brought her to tears.

Supporting three children, she also earned less money than males in similar positions (I never thought she had any male 'peers'). Sometimes we lived very close to poverty, yet she refused on principle to take any public assistance and sometimes worked 3 jobs.

Myself working in male dominated environments, I encountered prejudice so often I didn't really even notice anymore - being female became just my 'disability'; even when I became certified in various skills, once I was hired, generally the same day I started, I would be re-positioned to a lower job.

At a progressive company I was hired as a Network Engineer and became a Support Engineer for the product line the day I started, under a manager whose entire technical experience was limited to working in a movie theater. At another I was hired as a Web Services Manager for a large team with a budget and the same day the job changed to a front line worker, with an office in a closet. When discussing this with male co-workers over the years not one of them recognized any differences in the way women are treated.

Male co-workers said such things to me as "for a woman you sure know a lot about this technology."

My intuitive response has been interesting. I frequently ask my co-workers if they would like some coffee or something to drink and I serve it to them - because at least I am not required to do so. It is my choice, so I take pleasure in it, and I always think of my mom.

Only once has any one noticed this, saying "Linda you shouldn't be serving others here you are the manager". When I explained this reasoning, that I can do it, that it is my choice, to my male co-worker he understood.

When negotiating a new job I ALWAYS ask for a higher salary.

My other response has been to switch jobs whenever offered better pay, or to remove myself from being victimized by inappropriate management. If it is not good for me I reasoned, it certainly can not be any good for them.

During interviews I have been propositioned, even when looking for housing this has happened. In the business environment I learned to actually say something in the case of gender harassment. That took years to come to terms with, and it was incredibly difficult to deal with. Like many woman I somehow tended to blame myself.

If you ask why would I put up with this? I am without other means of support - when you need a job you need a job, you take what you can find. The idea of 'career' is essentially foreign to my experience.

I believe that even unstated prejudices influence our own and the actions of others. My own goal is to find these things in myself and expose them to the sunlight of compassion/kindness, which does not mean permissiveness.

Here is a link the Boston Globe's article on the former President of Harvard, Harvard women's group rips Summers.
http://www.b
oston.com/news/education/higher/articles/2005/01/19/harvard_womens_group_rips_summers/?page=2

Thursday, February 22, 2007

How People Learn: Brain, Mind, Experience, and School

I am very wild about the book I recommend How People Learn: Brain, Mind, Experience, and School

This research sponsored by a number of agencies and brought together here in an action packed volume is not to be missed, created by National Research Council (U. S.) Committee on Learning Research and Educational Practice (Author), National Research Council (Corporate Author), John Bransford (Editor), Ann L. Brown (Editor), Rodney R. Cocking (Editor).

"Dr. John D. Bransford is the James W. Mifflin University Professor of Education and Psychology at the University of Washington in Seattle. Dr. Bransford is also Principal Investigator and Director of the LIFE Center, a recently funded National Science Foundation Sciences of Learning Center.


Bransford and his colleagues have won numerous awards. His Ph.D. dissertation won honorable mention in the national "Creative Talent Awards" Contest; several of his published articles (co-authored with colleagues) have won "article of the year" awards in the areas of science education, technology, design, and theories of transfer."1

Amanda Baggs, a 26 year old autistic woman, posted a video on YouTube.com that is so very impressive about how she learns and how she perceives the world - here's the link to the CNN article which has a link to the video: http://www.cnn.com/2007/HEALTH/02/22/autism.emails/index.html.


Her video, and the article on CNN.com help to clarify how some people perceive reality that differs from others. Outsiders can understand each other at a level that others must make efforts to understand, if they ever can.

Ms. Baggs' view on human rights, and what it means to be human is quite compelling.

1. http://www.mciu.org/gtosite/cwp/view.asp?a=816&Q=426464&PM=1>ositeNav=%7C9066%7C

----- Sponsor Ad -----
The technology today allows us to
learn from home
while working on a
degree.
So many

online universities
like the
university of phoenix 
have a wide array of undergraduate programs like
medical
billing
and many more.
----- Sponsor Ad -----

Advice on How to Use Art.Com to Sell Your Art on the Internet

Art.com is in the process of changing how you register to become a publisher artist on their site with a new contract agreement - see:
http://www.artistrising.com/

It is free to sign up and put your art out there, but you have to provide either your Social Security Number or a Corp id (such as your federal business tax license, or in Europe the VAT - Value Added Tax) so you can get paid.

The good news is they are improving how much money you can earn from their site through sales. Now your percentage includes any framing which customers choose of your work as well. So you get a percentage of the sale of the print and a percentage of the frame sale too.

To actually get started what you need are high quality images, either photos or scans of your work. The specifics are on their site.

Be careful to select all the options for sales, in the past Art.com allowed you to just offer works for sale in one size when you could make it available in all sizes. There is no reason not to publish your work in all sizes unless the image is not high enough in quality. They review for both content and quality.

I recommend you only purchase a paid account when you see if it pays for itself to start with, or if you already have sales, and want to add your large portfolio to the Web.

One thing that bugs me a little is the exclusivity clause that Art.com requires. In other words if you are doing business with other companies to produce your posters, and THEY approach Art.com for sales and marketing, then there is no "exclusivity" clause. Otherwise you have to promise that they are your sales and marketing on the Web.

Also I recommend researching the hierarchical structure of WHERE you place your art images in their classification (controlled vocabulary /ontology) - make sure that you really think it fits the category or will lead to SALES even if it is miscatagorized. It's part of the process of posting your work on their site, to categorize your own work. A practical example of this is the breadcrumbs you see in Art.com:
home > collections > art on the verge > abstract

To get your work to appear in Google's Image Search or Microsoft's Live Search results - Query from time to time on the open Web in Google's IMAGE SEARCH, or Live Search for your art images by their TITLE, and then check to see if Google/Live Search etc has crawled them. The images should appear under the Image Search after a few days! Why? Because they are Google, that's why!

What does this mean to you? This means that you need to create titles which speak to the work, but are also likely strongly identifiable queries, so for example "The Couple" is ok, but "Two Lovers at the Paradise Waterfall" is better, because it can return in more queries and also is more specific.

Categorizing your art in their schemas under "Aliens" is probably not going to be helpful - except if there is something fantastic or alien about it - because alien stuff sells. But, for example, if the work has a strongly Hispanic flavor, categorize the image as Spanish, Mexican, or Latin culture is help build the image in a one-to-many relationship for the image databases, which will help people locate and purchase your work.

You can also sell original art on Art.com but as my experience shows, it may be easier to sell your work on eBay.com

Another place to consider selling your work is in Second Life. As I understand there are 180 art galleries out there and people are doing some amazingly successful works. (Reference: Doug McDavid's Doug Mandelbrot in SecondLife, as of Feb. 2007)

If you wish you can also create work for sale which only exists as a digital file and only becomes a physical representation of it when it is sold as a copy. Lots of software lets you create original work, even Photoshop works to do that.

Let me know if this helped or you need more. There are other sites which sell works on the Web in addition to Art.com, including those for commercial art.

If you do publish in other locations online that are not paid, such as Flickr to help drive sales. The digital world exists to be linked.

So for a test, I recommend you order one of your own prints from Art.com for a friend or love in your life so you can see the quality. Art.com's printed editions, I have to say, are very very good. I was extremely impressed with their quality. If you are impressed, as I was, tell people. It is a great, inexpensive way to bring your art into people's lives.

Since so few of my prints sell what people don't know is that they are actually getting a very limited print which will become more obvious in the future.

Best of luck in marketing and selling your artwork over the Web!

Wednesday, February 21, 2007

Basic Structure for Writing a Usability Report or User Interface Study

To improve UI study reporting and methods, in general use the following structure:

Introduction
Describe what the comparison sites are:
Use the site's "About Us" or other mission statement, goals, to determine who the users are.
Describe the methods used for analysis

Call out specifics, be explicit.
1. Personas
2. Scenarios
3. Use Cases
4. Testing – tabbing, screen readers etc
5. Results
6. Recommendations

Also important are such things as aesthetics, use of color, and where the fold is, include screenshots for clarity.

Include even a brief conclusion, spell check and have an editor, cohort or friend review your work.

If you have to deliver negative news, in your analysis call out the good points first, and keep a positive sense of humor. Be prepared for the site owners, organizations, or managers not to be guided by your advice.

Tuesday, February 20, 2007

Doug McDavid's (Doug Mandelbrot in SecondLife) Presentation on IBM's Investment in Second Life

(beta notes from ISchool presentation) Doug McDavid opens his presentation by quoting ecomomist Carlota Perez:
http://www.carlotaperez.org/

"The turning point has to do with the balance between individual and social interests within capitalism. It is the swing of the pendulum from the extreme individual to giving greater attention to collective well-being."

See article about IBM's investment in Second Life:
Meet me in my avatar's office:
http://news.com.com/Meet%20me%20in%20my%20avatars%20office/2100-1043_3-6152727.html

"The most lucrative things you can do are services." Doug McDavid said to the iSchool INFO344 class, on the services economy called SSME, Services Sciences, Management and Engineering at IBM ("anything of economic value that can not be dropped on your foot"). Why does IBM care? IBM's to hire needed talent and innovate -Henry Cheswick, due to no captive industrial research labs.

Who cares? Governments, Industry, Academics, others...

Old corporates vs New enterprise.
Employs people vs Enable people
Owns resources vs Manages resources
Outsources to save vs tap the best capabilities
bosses statutory vs grooms leaders for expertise and reputation
ensures brad experience vs branding in experience of partners

"Its more like open source - a brutal meritocracy. Your peers are not gonna cut you any slack" said Doug. "Business intervention has a transforming effect and we need to think about it as the transforming effect. Much more business focused, value co-production, it needs to have a business orientation, not just an IT structure. It's outside in. 'A' business is not what to focus on, businesses and relationships are."

"The Surprising Economics of a People Business" Harvard Business School article, has some valuable information." said Doug, "The difference is in inclusion, instead of driving others out of business - open collaborative. Which by the way takes a whole different kind of software - which supports interaction."

Technical infrastructure and services
Information Design and management
Process design and management
Relationship and sourcing management

The class teacer Jim Loter added, "This kind of structure is like European models, the UW is organized in this manner but they need to communicate, not just the people but the data folks. Not just the folks shoveling coal into the supporting systems, but the folks thinking about the Web to share with current and future partners."

Dilbert Cartoon -
Software programmer to manager -
"I'll need to know your requirements before I start to design the software."
Manager to software programmer -
"I'm trying to get you to design the software for me, to figure out what I want it to do."

Query "IT Projects Failure Rate" on Google or a warm and friendly nearby search engine. What do we have? Declining results.

"What is business? A black transparent hole, we don't know what we need. What else is like that - Software is intrinsically complex malleable, abstract and invisible.

Business architect role- focusing on architecture viewpoints that come together of human social systems and IT."

"What is architecture? - construction of structure generally; both abstract and concrete." Oxford English Dictionary
Architecture of Belief -

The Open Group

Architecture of intent
Micro-architecture
Macro-architecture
Eco-architecture
Semantic Architecture
Measurement Architecture

Fritjof Capra's The Web of Life, 1996

Open boundaries - open more pores, but the relationships become more important.

Gaming adds more flexible contextual learning models.

Change - Innovation barriers is a survival imparitive
Lacking diversity vs very diverse
Hierarchical rules vs anyone can lead
risk taking discouraged vs - risk taking encouraged....

World of Warcarft
Habbo Hotel
Second Life
There.com
Eve Online

"Games have Rules, clear objective, levels, return with objective. We are already interested in a number of people playing games."

Linden Labs, Multiverse, Big World based game players going to Kaneva - questing team come from one environment to another - interoperability. Virtual Worlds Framework is still an IT structure at the system level.


Palmisano Gets A Second Life



IBM's CEO Sam Palmisano's avatar too the virtual stage in a virtual version of China's Forbidden City in SecondLife in Nov 2006 as a marketing pitch.

Technology purchasers, mareteers, product seelllects, social servie providers, educators. business service providers, personal service providers (lifestyle, medical, fashion, interior design, personal shoppers), Travel cost offsetters (holding meetings in SecondLife.


"What is your Business Self? Inplied business endorcement of vaious behaviors , digital rights, uniqueness warranties, when play money becomes real, when real money enters the playground, security, privacy, service level agreements. Dropping giant penises into a meeting place is anti-social behavior. So there are discussions going on with this."

Many kinds of live operations we have experience with - co-production of value - co-learning - how to do things together - such as flight sims. Scripted operations such as plays, concerts, etc. Rehearsal study is an enabling practice, support tools processes, measurement of value, opportunity of co-creation, domains of service enterprises while supporting several levels of learning styles.

Collaboration and Rehearsal - virtual worlds add emotion to remote teaming, - from live meetings to simple teleconference - body language and pre-post meeting socializing, (cons setup time location travel requires full attention).

Pros - Quick to start no travel - multi-task (loss of fidelity, less engaging, etc).

"You have the feelings, it's more to the full body experience. Body language is more abstract, more gets cut off. It was quite unexpected to me. What a party breaks out with dance floor, disco ball, etc, in Jacob Hall on the Almaden Island after a pretty intense business meeting.

Meeting friends from the virtual world in the real world is especially interesting. But it works the other way too - NMC.org Jim Spoor, John Paul Jacob - on the wall on the New Media Consortium space.

Artropolis - artists - IBM mini- art gallery. I live near Jnana Software but you have to have your pirate ship in your front yard and a professor of entrepreneurial studies at George Washington University.

Tech is really important ok but it's about a new era of societal deployment."

Monday, February 19, 2007

10 Simple Web Design Suggestions

1. Maintain simple, consistent page navigation throughout your site.

2. Produce legible sites - Keep backgrounds simple with enough contrast to read the content, break up large blocks of text into readable amounts, and use san-serif fonts; they are more readable than serif or fancy fonts on most monitors.

3. Separate the content from the presentation, use standard HTML for device independence, and CSS for adding style (e.g. fonts, colors, spacing)

4. Keep file sizes as small as possible if your target audience includes those with thin bandwidth (slow connections).

5. Caption video and transcribe other audio for the hearing impaired folks.

6. Make links descriptive so that they are understood out of context. ('Click here' is a no-no because it is meaningless)

7. Include descriptive captions or other options to make graphical features accessible ALT/LONGDESC attributes. Use NULL (alt=””) for unimportant graphics. This is Important for the many people with visual impairments using screen readers.

8. If possible provide alternatives and contact information in addition to forms and databases. Not everyone on the Web understands or can use these data collection methods.

9. Provide alternatives for content in applets and plug-ins, if you Flash an entire site you may want to consider the option of a simple companion HTML site.

10. Perform Usability and Accessibility Tests. Testing with just 3 people is better than no testing at all, and you are likely to catch the big issues.

See http://www.w3.org/ for more information about standards...

Why should we believe that using metadata will help J. Random User get in touch with her Buddha nature?

"Metacrap: Putting the torch to seven straw-men of the meta-utopia" is a short read on why metadata may not work in the open Internet: http://www.well.com/~doctorow/metacrap.htm

For a foretaste, check out the brief chapter headings:
* 0. ToC
o 0.1 Version History
* 1. Introduction
* 2. The problems
o 2.1 People lie
o 2.2 People are lazy
o 2.3 People are stupid
o 2.4 Mission: Impossible -- know thyself
o 2.5 Schemas aren't neutral
o 2.6 Metrics influence results
o 2.7 There's more than one way to describe something
* 3. Reliable metadata

There is nothing like the open Internet to sound out ideas. My own opinion goes more towards that metadata is a tool because information is locked away from powerful search engines which necessitates organizing it with tools such as metadata, and analysis from data experts. But this model may not really help in terms of the absolutely creative nature of human endeavor. Methinks it comes more from the realm of library science and pedagogy where finding something in a physical realm and instruction is the goal, which has not caught up to the power to SEARCH, and view others' metadata such as relationships (tagging, authority - author, etc).

Still in a nation focused on UFOs and celebrities, maybe this is what is required to indulge the great unwashed jungle, and security protects the scientific and verifiable.

I would feel much better if I knew that all drug and health-related companies shared their information on research and discoveries for example.

Maybe someday instead of this Age of the Information Cold War, we will have strategies for open information presentation and a way to nix the harassment from the identity thieves.

My personal model included metrics to influence the model on purpose - but that is "mixing metadata with data" - strictly the wrong direction according to current science.

Combining the link stats (by data mining) should provide more information. It's how Page Rank score/ hit rate combine with IP address and other long term use tracking - thus relevance is displayed that makes a difference. People are lazy and many really don't get tech - so I am thinking of a way to assemble the page to include the Page Rank score/ hit rate, to help in usability.

What I want to my frequently used websites (such as the MSIM iSchool) is for it to present ALL the data specific to me. In other words I pretty much use the same exact pages over and over again - I don't want to have to search or click or anything - I just want what I use to be presented first and foremost. The other data that the 'outfit' (the UW in this case, or a business or religious or other org) wants to present to me or makes available is also interesting but less so.

Including metrics with the metadata allows information scientists to tweak their presentation model by showing it's relevance - in effect putting in metrics to view it's context to the greater whole. But not as metadata - as other information mapped to such things as sniffing my IP address.

What I mean by Medieval Information Age is that we have lots and lots of closed information and closed data systems - I hope that these will open up but I know I will not see this happen in my life time or even in the next lifetime, Greenstone not withstanding.

Meta data is like the "thin client" of the Information World - it allows lots and lots of information to be relayed very quickly, in categories.

Will we look back on this as the Medieval Information Age? I view information as a contextual circle - I know nothing.

Thursday, February 15, 2007

You Can't Save the Stupid from Phishing attacks

Like many User Interface professionals I received the recent email notice from VeriSign about their new Secure Socket Layer Certificates which turn green when the site is secure - to make ecommerce and other information transfers through -

"Maximize customer confidence and sales with new VeriSign® EV SSL Certificates

In response to increasing consumer fear of online fraud, VeriSign has introduced *Extended Validation (EV) SSL Certificates*. The new certificates turn the browser address bar green, communicating to consumers that your site is secure."

Taking a quick look around Technorati I found this blog Cyber Top Cops Security http://cybertopcops.blogspot.com/2007/02/green-means-trust-but-does-it-mean.html
Cyber Top Cops Security Logo
an article which quickly pointed out that the average user could care less what color his/her browser turns for all they know it's just supposed to do that.

These Cyber Cops pointed the caring reader to Rachna Dhamija, a Postdoctoral Fellow at the Center for Research on Computation and Society at Harvard University; who besides an enviable career, including electronic commerce privacy and security at CyberCash, has done some interesting studies on scams and why they work on the Internet.

Replacing Rachna Dhamija's educated language with the vernacular, "you can't save the stupid people, because it doesn't really matter who you are, everyone is at risk."

Here's what Dr. Dhamija said -
"We discovered that existing security cues are ineffective, for three reasons:

1. The indicators are ignored (23% of participants in our study did not look at the address bar, status bar, or any SSL indicators).

2. The indicators are misunderstood. For example, one regular Firefox user told me that he thought the yellow background in the address bar was an aesthetic design choice of the website designer (he didn't realize that it was a security signal presented by the browser). Other users thought the SSL lock icon indicated whether a website could set cookies.

3. The security indicators are trivial to spoof. Many users can't distinguish between an actual SSL indicator in the browser frame and a spoofed image of that indicator that appears in the content of a webpage. For example, if you display a popup window with no address bar, and then add an image of an address bar at the top with the correct URL and SSL indicators and an image of the status bar at the bottom with all the right indicators, most users will think it is legitimate. This attack fooled more than 80% of participants.

We also found that popup warnings are ineffective. When presented with a browser warning of a self-signed certificate, 15 out of 22 participants proceeded to click OK (to accept the certificate) without reading the warning. Finally, participants were vulnerable across the board -- in our study, neither education, age, sex, previous experience, nor hours of computer use showed a statistically significant correlation with vulnerability to phishing."
See Fishing with Rachna
sounds friendly enough, na?
Dr. Rachna Dhamija
So, I believe, and catch me if I am wrong, that unless the Internet security industry comes up with better methods to prevent users from giving away their economic lives by mistake, eventually micro-public-Internets will spring up promising to provide enhanced security just like gated communities.

I know it's scary kids, but it is actually possible that AOL has a future in fear and security, if they can guarantee online safety for their stakeholder customers. It is possible that being an AOL member will mean you are richer and have more at stake than others, and we will have to forgive W because "The Internets" aren't so stupid after all.

Wednesday, February 14, 2007

Seattle Wireless

"Seattle Wireless is a grassroots Community Wireless Network (CWN) project in Seattle, Washington. Its goals include the creation of a broadband wireless Metropolitan Area Network, as well as the creation of tools that help us achieve that goal. We are a not-for-profit community of volunteers, and although we have many different motivations, we believe that we can build a network without recurrent fees that is not beholden to any Commercial Telecommunications Provider. Our network is a Mesh Network that follows the Free Networks Peering Agreement and is built on Open Source Software."

Check em out at: http://seattlewireless.net/

Privacy - How does the Amazon Honor System paybox know my name?

Same way they know everyone's name - they are just not sure who is steering that particular computer though "When you look at a Web page, the words and pictures you see actually may come from several sources. Your browser software assembles the pieces and displays them as a single page. On the Web site you were visiting, most of the content you saw was transmitted from server computers used by the site's operator. The image made up of the paybox and your name displayed within the paybox was different--we sent it to you directly from Amazon.com. This allowed us to recognize you by name just like we do when you visit the Amazon.com Web site. Because Amazon.com's servers transmitted the image containing a paybox and your name within the paybox directly to your browser software, the site owner never saw the paybox or your name and never received any information about you."

JXTA P2P Open Connected Network Devices

"JXTA™ technology is a set of open protocols that allow any connected device on the network ranging from cell phones and wireless PDAs to PCs and servers to communicate and collaborate in a P2P manner. JXTA is the industry-leading P2P technology, supported by over 30,000 members worldwide with downloads exceeding 12 Million."

See http://www.jxta.org/

Project JXTA Objectives:

* Interoperability - across different peer-to-peer systems and communities
* Platform independence - multiple/diverse languages, systems, and networks
* Ubiquity - every device with a digital heartbeat

The possibilities:

* Find peers and resources on the network even across firewalls
* Share files with anyone across the network
* Create your own group of peers of devices across different networks
* Communicate securely with peers across public networks

Tuesday, February 13, 2007

Hidden Services Tor, Onion Routing

The Onion Routing program is made up of projects which -
1. Research
2. Analyze
3. Design
4. Build
anonymous communications systems.

See http://www.onion-router.net/
The focus is on practical systems for low-latency Internet-based connections that
1. resist traffic analysis,
2. eavesdropping,
3. other attacks both by outsiders (e.g. Internet routers),
4. insiders (Onion Routing servers themselves).

"Onion Routing prevents the transport medium from knowing who is communicating with whom -- the network knows only that communication is taking place. In addition, the content of the communication is hidden from eavesdroppers up to the point where the traffic leaves the OR network."

Tor: Generation 2 Onion Routing
Visual representation of running Tor Servers

Web proxy Privoxy

Monday, February 12, 2007

RFID leaks Privacy Information through DNS, Alice Cryptology



Highly recommended - Karsten Nohl (PhD candidate at the University of Virginia, Computer Science), RFID Privacy, Old Threats and New Attacks. Hope 2006. Alice cryptography is the example here, and every minute is valuable - how RFID are related to databases, and how to detect location information through cashes in Domain Server requests. Scalability to reality in terms of billions of tags, and the tree of secrets.

Faraday cages are mentioned -
"A Faraday cage or Faraday shield is an enclosure formed by conducting material, or by a mesh of such material. Such an enclosure blocks out external static electrical fields.

RFID passport and credit card shielding sleeves are small, portable Faraday cages."
http://en.wikipedia.org/wiki/Faraday_cage

As is ONS -
Object Naming Service (ONS)
"mechanism that leverages Domain Name System (DNS) to discover information about a product and related services from the Electronic Product Code (EPC). It is a component of the EPCglobal Network.

It is published by the EPCglobal board. Version 1.0 of the specification was ratified by the board in October, 2005."
http://en.wikipedia.org/wiki/Object_Naming_Service

Definitions from Wikipedia.


Karsten Nohl, PhD candidate at the University of Virginia, Computer Science

International Privacy Insurance Club



Not sure where this video was filmed - poster located in Germany. Milan's Banca Intesa signs appear in this video. These guerrilla cats are taking the matter of privacy into their own hands, with interesting tools of their trade, using a map and acrobatics to systematically detect and disable video surveillance cameras.

No intention to support this kind of activity should be implied through this posting.

Invasion of Privacy for a Disabled Person in Canada



Mentioned in this news presentation is a unit of the local Canadian govt has a "Privacy Commissioner". Stephen Pate wisely wants the old inappropriately collected data removed from government computers but that is probably more difficult than can be imagined.

One suggestion:
"What floor are we on now?" as a question to gain support for a disability could be answered - "We are not on a floor, you are a person writing an inappropriate question sometime in the past."

The Conversation - Privacy

A Brief reminder of privacy views - it's ok when it's someone else being spied upon...



The Conversation (1974 USA 113mins)
Analysis by Brenda Austin-Smith, film and literature instructor at the University of Manitoba, Canada

"I don't have anything personal," says Harry Caul (Gene Hackman), protagonist of The Conversation to his landlady, ".nothing of value, except my keys." The comment, made over the telephone rather than face-to-face, confirms Harry Caul as a character pathologically obsessed with his own privacy, even as he spends his days as a wiretapping expert invading the sonic privacy of others. The immediate cultural context of The Conversation was Watergate, the release of the Nixon tapes, and growing social anxiety over surveillance. The film's release in the wake of the most significant U.S. political scandal of the late 20th century touched a nerve with viewers and critics, who read this densely plotted tale of corporate intrigue, murder, and paranoia as a dissertation on American society in the mid-'70s. Nominated for three Academy Awards, The Conversation lost out to another Coppola film, The Godfather II, though it won the Golden Palm at Cannes.

The Conversation has been described as an "Orwellian morality play" in which the spy becomes the spied upon, and technology is used against the user.

Despite its structural flaws, its derivative techniques, and its rather hackneyed conspiracy theme, The Conversation transcends these limitations in its provision of a character study of haunting, if disturbing, power. Harry Caul, a character Coppola himself feared would be impossible for viewers to sympathize with, is the film's central figure, a man so obsessed with making himself unavailable to others that he has almost completely eradicated his own personality. His last name spelled out carefully over the phone, links Harry to those born with a caul, and indeed, the film is replete with images of Harry wearing an old raincoat, behind plastic curtains, and obscured by a telephone booth.

Harry is a surveillance genius for whom other people's privacy is an obstacle to be overcome using equipment he builds himself. He is also a man suffering intensely from guilt: one of his previous assignments resulted in the death of an entire family. This revelation, as well as the film's depiction of Harry's Catholicism (we see him at confession, an analogue of the secular eavesdropping Harry practices), complicates his detachment from others by introducing the one element that functions as the "bug" Harry can neither disable nor escape: his own conscience."
http://www.sensesofcinema.com/contents/cteq/01/13/conversation.html



Other more recent films with privacy themes include:
Gattaca
http://www.imdb.com/title/tt0119177/

Brazil
http://www.imdb.com/title/tt0088846/
with it's odd prescient "Information Retrieval" managers.

The Matrix series
http://www.imdb.com/title/tt0133093/

Privacy & Law vs Google Govt Fishing Expeditions

Globalization101.org interviewed David Vise, Author of "The Google Story" on this topic: "Which do you think is the bigger cost, individual privacy or the chance to catch a criminal?"

They actually disabled embedded content so you actually have to click the link - sorry - http://www.youtube.com/watch?v=whanGlvZ5lc to watch their brief video.

Privacy Feature in Linden Labs Second Life



Nylon Pinkney presents a new privacy feature available in Linden Labs' Second Life.

Saturday, February 10, 2007

We are teaching the machine

Highly recommended video on everything information:



We are the machine.

See the

Digital Ethnography @ Kansas State University blog at: http://mediatedcultures.net/ksudigg/

Creating a Metadata Schema for the MSIM iSchool Website at the University of Washington

Approach
When considering administration of the University of Washington’s iSchool MSIM website, and what metadata might be helpful to do this, I considered human issues first and then the larger scope of the organizations needs, the users needs, and lastly system’s or machine level needs. My questions were “what are the needs of a website administrator”, “what is this organization and what are their needs”, and “what kind of content I am working with”, as well as “how may information be accessed and why”.

An alternative approach is to view metadata as just another level of information in the metadata stack, one which can aid the site administrator, one which can be automated using systems, and one which can be accessed using interoperable systems.

Starting with the human element first - the website administrator acts as a consultant and advisor, in effect a domain expert working to improve the interface between users and their needs, the organization and it’s needs, and what computers can do, balanced with the costs. However, administrators also actually have their own needs when handling data so I focused on that person’s real needs first and foremost.

Considering which elements are most important to include in any metadata schema, I first thought about the human input and process issues. “How much time could a website administrator reasonably be expected to spend inputting this kind of data into pages,” was my baseline question. Even if you have tools to perform this function, adding data adds cost to publication. This question lead me to conclude that “Administrators have little time to add metadata,” no matter how passionately they feel about the semantic web, or about the possible eventual use of such data.

What are the organization’s needs? The needs of institutions are many and varied whether the University of Washington or other institutions. I came to the following conclusions:

The similarities of large educational organizations needs can be summed up in one paragraph – they need three major things:

1. Educational resources, Books, images, and other stored or linked Materials

2. Knowledgeable speakers, Teachers or other Knowledge holders

3. Support from the community to maintain these resources, Funds

But in order for the combination of these to survive and thrive they also require a fourth –

4. Communication so that the educators and students, as well as other relationships, other teachers, donors, students in distance learning programs, etc can be built by finding, influencing, and interacting with each other.

Marketing arises as a delta communication and support, it may be described as “communication to increase support” - this means knowing where hits are coming from and to what resource. (See more about this subject in section two on Impact.)

The Meta data elements and controls included are based on the minimum number of requirements for an Administrator to bring those things together literally on the same page. They answer several questions shown in Table 1 below, What, When, Who, Where, and How Valuable? Providing the answers to these questions in the metadata would support the needs of the Administrator. They also include questions to provide effective feedback into the decision making process to rework the site structure, and as a process of inquiry to help decide if the metadata elements need modification.

Exploring the various existing schemes on the Metamap I found that many referred to or leveraged the Dublin Core version, based on 15 elements. As a result I reasoned that approximately 15 elements would be the maximum, this number has the practical appeal of suiting both effective and economical administrative overhead. The new ones were derived from the Dublin Core options.

Dublin Core Metadata Element Set has the main attributes both the administrator and the institution need, and the interoperability that computers require, because many other standards include it. Taking into account the fact that Dublin Core is an accepted standard, it would not require too much in the way of selling it to team members unfamiliar with metadata schemas, or standards themselves.

Impact

The conclusion that information is only valuable in context implies a corollary: contextualized information can create more relevant information for the user. From such relevant information users can realize knowledge.

Table 1

Questions

Expanded Questions and Answers

MetaData Element

What?

What is this stuff, the format I am handling?

“Format” is for ease of use and knowing what to do with it and what to expect (.HTML, etc). This has somewhat limited use in non-text applications, such as graphics because you can not label an image inside the image. Image headers contain information about the image, not about the context of the image or the elements within the image or images.

Format

What?

What is it called?
“Title” is what the document of X format type is called.

Title

When?

What date was it created? (when was it made?)
“Date” provides the when it was created or last saved. In some ways this can imply versioning.

Date

Who?

Who provided it?
“Source” tracks where the file originated from.

Source

What/who?

What language is it in? (who is it for?)
“Language” helps make sure it is located in the right area, and for the right audience.

Language

Who?

Who owns the legal rights?
“Rights” provides information on ownership and establishes some idea of copyright.

Rights

Who?

Who created it?
“Creator” provides a information as to who made it. Often webpages have more than one author.

Creator

Who?

Who approved it?
“dc.Creator.approver” gives another set of eyes[1] watching who approved the document to be published.

dc.Creator.approver

Who?

Which organization owns it?

dc.Creator.org

What?

What is the subject?

Subject

When?

What does it cover?

Coverage

When?

For what dates/time period is it valid?

dc.coverage.date

Where?

For what location does it apply or is it valid for? “dc.coverage.location” provides a detail about where the document belongs, such as an association with a specific campus.

dc.coverage.location




How Valuable/How found?

How valuable is it stacked in an outside Search entity, such as Google?
“pageRank” page rank as provided by Google search engine, through Google’s API.[2]
Future improvements could add pageRank.searchengine.

pageRank

Value?

How valuable is it in terms of hits?
“pageRank.hits” total number of hits as compared to other pages on the MSIM site, from “
Clicktracks” data.

pageRank.hits

Value?

How valuable is it scoring within the scope of the MSIM site?
“pageRank score” is the mean of the PageRank and.hits, to provide scoring. This could enable authority control to other search systems, when combined with date for example or location for instance.

pageRank.score

The last three elements of Table 1 above, pageRank, seek to display how valuable a page is, which is included as an experiment. These would be auto generated on the fly as the page was assembled. These categories would be based in part on the Google PageRank API and on indexing and hits actively made in the system.

Why these and why does it matter? To help end users find the school they want and for the school to welcome them, is just one reason. In my own experience working with the Seattle Community Colleges as a web designer, reading the log files, it became obvious to me that many of the foreign nationals inquiries on the Seattle Community Colleges’ sites were not serving their potential student body, in part because no one was examining the logs. Those who rarely did examine the logs did not take the next logical step to advise the senior leadership on how to improve their website as their most functional, least expensive form of marketing. It is likely that such a field cross-referenced with other metadata could aid systems to enable end users to locate the most current authoritative information on a subject.

Nervana’s Sharon L. Bolding advised students to “Iterate to improve over time” in her class presentation. During class discussions she mentioned that organizations needs for information changes over time. If you try to think of everything you might need the administrative overhead is too large and quite simply you will fail. It’s better to think of what you need as experimental, try something, and iterate as you go along, just like all of Web design and application development.


Understanding “what is being used and by whom” in order to identify patterns, can include some automated information from trusted authorities. Combined with the need for pattern recognition the idea of trapping active logging, and exposing some of it for users occurred to me. Click tracking is done at the University of Washington by “Clicktracks”, according to Joel Larson. But what if that data was exposed at some level, such as in the metadata comments? How could this be helpful? Who will it be helpful for?

The reasons someone comes to the University website are fairly well known, however the right to view some materials is based on authentication. In this environment such user rights are controlled by the ‘PubCookie’ as an authority grantor, using databases as control agents. Customers such as students are a common end user. But are they able to find what they want right away from navigation? How many use a search engine instead, and how often? What Search engines do they use? Where do they come from and where are they going?


This solution could make a difference in the user experience on the MSIM website. It might help improve the logic in the user interface design. From the standpoint of site administration, it might help show where some static materials are helpful in certain ways, and yet completely static materials fall out of use over a longer period of time. What it may show we do not know and that itself is interesting.

Problems

Still with this additional data, we need real human beings to observe, analyze, and accept critical feedback and try exceptional things in order to improve information findability and refine that slippery thing known as User Experience. Computers are here to serve man, not the other way around.

Even the reason to ask these questions of Value is implied in the need for large organizations to continually try to improve the findability and usability of their information. In some way, one wants to take the data out of the hands of those who believe they know what, when, where, and how information is being used, and put it into the hands of the end user to make those decisions themselves. The question really is how to help users do it, and what logical steps can one take to make this possible.

What I sacrificed to make the choices was time and lack of experience in terms of what I could or actually would do with this metadata. Once exposed, how useful is it really? Does it only serve me as the administrator? How can I make it more useful?

While many of the metadata schemas were very intriguing I felt I would need more experience actually using and “munging” data to make it useful for end users, the organization, and at the machine level.

Resources

  • Dublin Core. (February-1-2007) Dublin Core Metadata Element Set, Version 1.1.
    http://dublincore.org/documents/dces/

Considering metadata elements over several days I realized that I could not conceive of better buckets myself, not really, just derivative ones. Other appealing systems I considered were RDF, OWL and GEMS. I researched RDF and OWL because my own interest tend toward technical issues. GEMS is included because it is a metadata schema specific to education.

But ultimately I returned to Dublin Core for metadata due to simplicity. I appended that schema, and expect that I would learn much more from it “in the wild.”

“Module 3a: Metadata” PowerPoint presentation, slide 4, from IMT530b class and website.

· Element refinements allow narrower definition of the elements for specific purposes http://dublincore.org/documents/dcmi-terms/#H3

· Encoding schemes (authority control) can be used as rules for the values allowed within elements http://dublincore.org/documents/dcmi-terms/#H4

Email: Date: Thu, 25 Jan 2007 12:29:54 -0800 Subject: RE: [Imt530b_wi07] FW: Exercise 3 instructions
… examine metadata standards that are related to content/resource description… looking for is repeated elements across many schemas, which will give you clues about what is commonly used for describing content… The standards I list in the first part of the assignment are recommended starting points, because many of the others are more technical and not appropriate for this work.

· w3schools. (Feburary-7-2007) RDF Reference.
http://www.w3schools.com/rdf/rdf_reference.asp

· Herman, I. (Feburary-7-2007) Web Ontology Language OWL.
http://www.w3.org/2004/OWL/

· Seeley, R. (February-7-2007) The Semantic Web: The OWL has landed.
http://www.adtmag.com/article.aspx?id=8144&page=

“The language provides a standard way to define Web-based ontologies so that data can be described as what it is -- an enzyme in a biological application or a hotel in a travel industry application -- instead of as document in a tree structure or other database abstraction.”

W3.org information on how metatags should be formatted

  • Berners-Lee, T. (February-7-2007) Paper Trial: Web Architecture Ideas.
    http://www.w3.org/DesignIssues/PaperTrail.html

    Introduction
    Social processes look like state machines. However, they don't exist as a state variable stored in one place, but as a trail of documents. You know the true state of the machine only if you have access to the latest documents. (This is not the problem addressed here, this is real life being modeled.) Paper-trail is a system which allows one to follow a strict process by creating new documents in a constrained fashion. Every paper-trail document has a pointer to a "paper-trail schema" which defines its document type (eg "constitutional amendment") a pointer to its justification documents (maybe) a notarization of when it was checked against the schema by the paper-trail program. The schema defines:

· Prerequisites for a document being valid, in terms of other documents

· Hints to other document types you can make from this one (state transitions)”