Slashdot Mirror
Hailstorm: Changing Society's Privacy Infrastructure
chikanamakalaka writes: "I found an article at the Seattle Times about Microsoft's upcoming "Hailstorm" service and associated privacy concerns. The story is here."
← Back to Stories (view on slashdot.org)
OK, so if I get in a car accident, it'll call my spouse, send my medical records, and reschedule my appointments.
How do I tell it? Are we going to wire my car with Hailstorm, too? I drive a friggin 1991 Bronco II, not exactly a tremendous technology platform. OK, maybe my WinCE Pocket PC will do it for me; hope the paramedics know how. No, better yet, I'll let them spend their time keeping me out of shock.
I'm all for "changing society's infrastructure", but c'mon.
ZOMG I WOULD LOVE TO KNOW ABOUT YOUR FEELINGS ON MACINTOSH VERSUS WINDOWS, VI VERSUS EMACS, AND HOW YOU'RE NOT A DORK
I am in the process of working on a way to short circuit privacy policies on the Internet so it is the user is who is in control and not large companies like Microsoft. The DMCA and other US regulation now gives systems like Hailstorm rights to keep your information as a corporate asset. This would basically make systems like Hailstorm a wholesale violation of both the users rights on their *own* data and their privacy.
I have come up with a system so that the user who originates the request can maintain copyright on his data and so that the receiving site has a chance to either opt-out or accept and abide by the agreement. (of course all this will be Open Source).
Basically it works with the HTTP protocol and should support any server/browser combination. Right now I have hacked Mozilla 0.8.1 to support this.
The mechanism is *very* simple. Basically it add one more HTTP header *prior* to the request being transferred. A valid request would look like:
GET http://hailstorm.microsoft.com/ HTTP/1.0
User-Agent: GNU/Linux and Mozilla
User-License: All your base are belong to us!
The goal here is that the single click licenses that Amazon/Microsoft and every other site can also be used by users:
"By responding to this HTTP request, you are accepting the practices described in this Privacy Notice. You will not give my information out to other users and you understand that I maintain copyright" (this would have to be encoded so that it is an HTTP param)
Of course the above is not Lawyer talk but I am hoping that we can get some official licenses together. If anyone knows any lawyers who are interested in contributing please give them my e-mail (burton@openprivacy.org).
The goal is that users would standardize on icenses, if sites ever violated the user policy then they would file a class action suit.
I have the code local if anyone wants a copy. It is really raw right now but I am trying to add a control panel in Mozilla so that users can nable/disable it and also set their license.
Kevin
This strikes me as good and bad.
Bad because I don't want people to know when I'm looking at pr0n.
Good, because if it decides that me looking at pr0n is me being "busy", maybe it'll cut back on the damn pop-up ads.
- Jonathan
This may be redundant, but these quotes have to be seen to be believed (empahsis added in the following):
...Microsoft may be the only company in the world with the skill and clout to pull it off...
...the public will fully accept the HailStorm concept and Microsoft as a trusted repository within five to 10 years...
..Initially, HailStorm will consist of a universal password and a service...
...If you are in a car accident, HailStorm could automatically send your medical history and insurance information to the hospital before the ambulance arrived...
...Microsoft officials acknowledged the company has been vulnerable to attacks and system failures...
...They're the most attacked infrastructure there is on the Internet, they're the No. 1 target for hackers...
It'll never work. There is no fucking way I'd trust anyone, let alone microsoft, with that sort, or quantity, of private information.
There may be many reasons not to kill you, but among them is not that you'll be missed by NASA - The Long Kiss Goodnight
If you are in a car accident, HailStorm could automatically send your medical history and insurance information to the hospital before the ambulance arrived. Then it could page your spouse and reschedule your appointments.
Honey, I'm in the ER bleeding like a sieve. Could you pick up the kids at soccer practice today?
Sure. No problem.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
If Microsoft is not an Evil Empire(TM), I don't think there ever was one!
-----
Now, If you just toss a frog straight into a pot of boiling water, this is not going to to anything but upset the frog and make the frog jump out of the pot. BUT, if you put the frog into the pot when tha water is cool, the frog will like it. If you then very gradually raise the temperature of the water the frog will not notice it. You can eventually raise the temperature of the water until it is boiling, and you now have one cooked frog dinner. NOTE, California bullfrogs, weighing in at about 3 or 4 pounds, have enough meat to make a decent meal.
How does this relate? Simple.
The long term strategy of MS is to slowly increment changes in the way things worked so that in the end, everything works they way they want, and they can dictate how it goes together. If they got greedy and tried to do it all in a year or so, then they would never get agreeement. But by implementing it bit and piece, they can continue to carve a large and larger section of the pie for themselves. All they have to do is think longer term than their opponents.
Actually, I am sure they have on a wall someplace their equivalent of a 5 or 10 year plan to conquer the known (software) world, subject to revision and new discoveries, etc. They likely planned killing off Windows about 3 to 5 years ago when it became obvious that the legal suites were beginning to be a real pain. They are not there yet, but they needed an escape plan. Part of the move to taking over the Internet was part of this escape plan, which is why Gates made sure it was the equivalent of a oceanliner coming to a halt and turning on a dime.
How to we handle this?
We need as far reaching an effort and long range vision as they do. A competitive Argument that resonates. Microsofts's sells to the inherently lazy streak in people, even if the PR is twisted. They sell to "we make it easier for you".
What competitive meme do we offer to fight this Microsoft meme virus?
Check out the Vinny the Vampire comic strip
"It is a greater offense to steal men's labor, than their clothes"
Microsoft's Hailstorm is another manifestation of the American "I want my mommy" society. Consider, for instance, a currently-running commercial for the Chevy Suburban, wherein some dumb cluck locks his keys in the truck whilst ruining tundra in the Rocky Mountains. He calls out on his cell phone, and Chevy unlocks his car remotely .
Holy Big Brother, Batman!
It sure makes me appreciate my 1985 4x4 Chevy Suburban; the most technologically-advanced priginal equipment feature on my truck is the electric windows. Now, I have some communication doodads onboard, and I'm adding a few other James Bond features, but I'll be damned if I want some anonymous corporate cog accessing to my doorlocks!
And Satan will be dodging snowballs in Hades before Microsoft pries the personal data from my cold, dead fingers. Just don't be surprised if Hailstorm is a success, especially among the people who desperately want to be wet-nursed through life...
--
Scott Robert Ladd
Master of Complexity
Destroyer of Order and Chaos
All about me
What Microsoft is doing is convenient: centralize it all on Microsoft servers and Microsoft standards. Forget about federation, server-to-server protocols and all that. What Microsoft is doing is also cheaper in the short run an quicker to market (which is why it will likely beat open standards). Nobody but Microsoft can deliver this, not because they have any better technology, but because they have the market position.
The loser is the consumer, who will be denied any kind of market choice again: your choice may be to buy Microsoft or not schedule any appointments with your doctor, dentist, or insurance broker.
On the bright side: there is a good chance that this will not fly. With always-on Internet connections, people can control their data themselves. Even without any privacy incentives, answering machines still sell well, despite personal voice mail offerings. Many people will probably prefer to keep their personal data in cheap, secure Internet servers in their home, no larger and no more complex than an answering machine.