I hope that the NYTimes can find a business model that works on the web. I really do. I hope they manage to persuade people to pay for their journalism.
But, and I cannot stress this enough, I hope their model is one that works without having to make special arrangements with, or otherwise threaten and interfere with, other providers of content on the web and ISPs.
Their problem is that they want the promotion benefits of sites like Twitter, and they want to make the NYT free to people who come from there so that Twitter users don't complain that following a link has taken them up to their limit of free pages. But they also want to encourage users to come to them via other routes as well. This is so very much like wanting to eat their cake and have it to that it deserves to fail horribly.
What no one has managed to do is make a paywall that has the simplicity (and lack of commitment) of buying a paper newspaper. I was tempted to buy the London Times online, until I saw that I needed to sign up for a subscription and hand over my bank details first. Give me a way to pay 50p or 75c for my morning newspaper without any other fuss and I'll gladly pay the daily fee, as readily as I buy cheap iPhone applications. Not, of course, that I'm the first to think in these terms, though Apple for the moment are keeping their offering on the iPad.
Google did a great job creating an open protocol. But they made two mistakes:
1. They were not open enough. Although they had suggested that people would be able to build their own clients (and demoed a curses based client) they never opened an API for writing a wave client. They wanted it to be a flagship web application - but just as people like all sorts of different clients for email (even if many now like web clients), they would probably have liked client choice for wave - especially if 3rd party clients had shown waves along side email and the like.
2. They were too open. Their programming model for wave (web-hosted applications with read and write access to your wave) had huge security implications. It was not clear from the UI who would have access to your data and when.
Both of these were things that slowed adoption of wave.
It is easy to decode what he was really saying What he says is not really a prediction, it is an admission that Google stores uniquely identifiable data about everything its users do. He is probably right that many of us have predictable search/browsing habits. He is offering to sell Governments a product that matches a browsing profile with users.
I have nothing that I can think of to hide, I think that this kind of thing sits poorly with Google's claim of not being evil.
Shall we all use Microsoft's search product instead?
Of course, it is hard to blame google. Most of us rely on an expensive service they produce for free, and have not been very picky about the terms of service before we have done so.
Reading the Fine Article, I'm very unclear whether his reading would also apply to any code running under an interpreter that was licensed with the GPL. Or perhaps even more than that.
We must recall all the FUD that used to be spread about Linux that said that any program made with gcc would also have to be licensed under the GPL. What is different about the reasoning here?
Which is not to say that the claims here are wrong, but just that I would be rather happier if he had not only said, "This is why I am right in this case" but also given a rather clearer line on "And if this were different I would be wrong..."
What a perfect way to prove just how fundamentally broken the technologies of the web are. Content, arguments, scripts, user-data....it's all just one big mess. I got to the point about hosting content on separate domains to avoid some XSS attacks and thought: when the security *fixes* look like kludges, something is very, very wrong.
...when there is good, reliable, 3g coverage or better everywhere, and when data charges (especially when roaming abroad) are negligible. But frankly, the places I most need GPS are where coverage is poor and roaming charges are high.
I was going to post a comment on their website, but they will only allow comments from "Supporters".
These guys just can't have it both ways. Either they want a licence fee that Google won't pay, in which case they must surely be happy to see the content blocked, or else they want to be on Google/Youtube's servers, in which case they are going to have to be flexible about the licence fee thing.
The completely unsustainable position is to say, as they seem to be, "you have to carry our content because that is good for our performers, but if you do you must pay this fee."
Are the governments and institutions now calling for better identity management the people who could have helped promote public key based id technology in the 1990s, who could have encouraged better user interfaces, the infrastructure needed to verify ID etc.? Or are they the people who either stuck their heads in the sand or actively discouraged the development of a public-key based system?
Why is it that I still cannot give my bank my PGP certificate and tell them I want any emails they send me encrypted? Why does my bank not sign its emails? Why is it that even companies that used to offer PGP-based communication (Network Solutions, Twate) don't any more?
Two answers: governments wanted to discourage the use of encryption technology in the 1990s; anybody working in the security industry wanted to control every aspect of it and nobody wanted to promote the use of interoperable standards.
And, of course, the OpenPGP crowd didn't help themselves by opposing features (additional decryption keys) that made PKI attractive to business, andengaged in endless arguments about when you should and shouldn't sign a particular key.
The truth of the matter is this: we could have strong identity on today's internet starting right now - if governments stopped being scared of the technology that makes it possible, and if institutions and software makers adopted open standards wholehartedly.
As a recently (converted?) Mac user, one of the aspects of the system I most like is the fact that the Dock displays one icon per application, rather than one icon per window, which rapidly beomes less useful than it might be, but is the norm for Gnome/KDE/Windows.
As a user, I'd much rather click to say, "I want to go back to _this_ application."
If E17 has adopted the Mac paradigm in this respect I'm most impressed.
On a more general note, I wonder how long it will take Apple Legal to become interested.
Some "ISPs" (eg UK Universities) have banned the use of Skype because of concerns about the "P2P" aspects of it - i.e. becoming a supernode. Their concern is both about bandwidth, but even more about the terms of the EULA.
"Gizmo" _seems_ to be free of such problems, and if that is so it could be a great advantage.
How probable is it (and can it be proved mathematically?) that any given "secure" password does not, in fact, give the same MD5 output as a "simple" password?
I know everyone here thinks they are safe because their password is something complicated. It would be a shame if you could also log in by typing "password" at the prompt....
On a first reading, I thought the ideas seemed quite sensible. One problem they did address in an interesting way was that of people with several email identities. One of their suggestions is that whoever is hosting the incoming email provides outgoing smtp services too, which would be a change from the (outdated?) idea that one should always use the "nearest" smtp server for all email. Though ISPs who currently block outgoing port 25 (such as my University!) would have to think again.
I would have thought that calling the browser "Mozilla Firebird" solved any name-clash issues.
The new name makes no sense at all. "Firebird" at least reminded one of "Phoenix", ie: a browser rising from the ashes. But Firefox? What's that? Other than a bunch of potential trademark infringements as another poster has pointed out.
So I scrape 500,000 email address from websites and set up my own mail server - you'll still get spam.
Yep. Then I can find you easily.
Or use a whitelist of servers which are run by reputable ISPs.
No...I can't claim to get rid of ALL spam using my method; but it changes the problem simply, with technology which could be used right now, and which would make spam a lot harder to do from anonymous accounts.
I'm sick of reading proposals (often from industry profit-seeking types) who want to put a paid-for "stamp" or similar "token" on email. (I'm talking generally, though---yes---I did read this paper)
It looks attractive logic:
1. Lots of people use email 2. We offer a system which will beat spam at a cost---our 'trusted 3rd party' or whatever---but only if people who use it can't talk to anyone else, so everyone has to use it 3. Profit.
This is NOT the way forward on spam. Nor, realistically, is anything which re-writes the rules for email. People like editing headers. In fact, if it weren't for spam, people like email as it is---period.
The way forward seems simple:
smtp servers should start requiring genuine users to log in. (though rarely used, there are smtp systems which allow this, and most major clients---yes even the MS ones---already talk to these servers and have done for years)
servers which don't should quickly find their way onto blacklists.
(I shall leave the exact way these blacklists should be used as an exercise for the reader)
Simple. Low cost. Not a business model; but a clear solution.
Perhaps I didn't make my point as clear as it could have been. Of course, as I said, Spam is a problem. But there are ways to try to prevent its impact being so damaging, and with this in mind users need continuous education about when to give out addresses. There may even be new laws soon, though I suspect that the legal route will not stop spam.
I did not mean to imply that spam is a problem which should be ignored. When I talked about FUD, what I meant was the flury of stories on the internet at the moment predicting the death of email as a useful system. *THAT*, I think, is unlikely.
I'll probably loose karma over this, but here goes anyway.
Of course spam is an important issue. And it's damn annoying too. But I simply don't believe all these stories about how email is going to become crippled by it.
There are spam filters. More importantly, the use of aggressive blacklists forces ISPs themselves to take a tough line.
The questioner asks what the future for email is. Well, it's simple: email is fine as long as the user is sensible. I have several accounts. I know that my hotmail account is entirely unusuable because of the level of spam it recieves. If I need to give my email address to someone I don't trust fully, I give them that.
I have a work address. This gets a little spam from time to time as the organisation gets targeted. I filter out these spams with my own spam filter.
Mailing lists tend to go to another address. So far, I haven't had too much spam from that quarter.
My personal address is known only to a few friends. So far, no spam.
The rule for keeping your address spam free is the same as it ever was: don't publish it.
Now, what about people who want to advertise their address for open source projects and the like? Well, put it in the source code, in the README files, wherever you like. Just not on your web page.
The article states that advertising groups have insisted that their adverts don't get cut in any way, and the company making the product have assured them that it won't remove frames from adverts, only programming.
But why didn't he simply tell them that no one would notice these "pesky duplicate frames"?
The answer must be that you CAN notice a difference. 30 seconds less show in half an hour is about 1 second every minute. That time HAS to come from somewhere, and makers of shows are right to think that this technology will alter aspects of the show -- maybe it will be a subtle change, but a lot of drama is about subtle moments.
Slashdot Mirror
Wayland is Linux only, isn't it? What about all those other places that run X.org?
I hope that the NYTimes can find a business model that works on the web. I really do. I hope they manage to persuade people to pay for their journalism.
But, and I cannot stress this enough, I hope their model is one that works without having to make special arrangements with, or otherwise threaten and interfere with, other providers of content on the web and ISPs.
Their problem is that they want the promotion benefits of sites like Twitter, and they want to make the NYT free to people who come from there so that Twitter users don't complain that following a link has taken them up to their limit of free pages. But they also want to encourage users to come to them via other routes as well. This is so very much like wanting to eat their cake and have it to that it deserves to fail horribly.
What no one has managed to do is make a paywall that has the simplicity (and lack of commitment) of buying a paper newspaper. I was tempted to buy the London Times online, until I saw that I needed to sign up for a subscription and hand over my bank details first. Give me a way to pay 50p or 75c for my morning newspaper without any other fuss and I'll gladly pay the daily fee, as readily as I buy cheap iPhone applications. Not, of course, that I'm the first to think in these terms, though Apple for the moment are keeping their offering on the iPad.
Google did a great job creating an open protocol. But they made two mistakes:
1. They were not open enough. Although they had suggested that people would be able to build their own clients (and demoed a curses based client) they never opened an API for writing a wave client. They wanted it to be a flagship web application - but just as people like all sorts of different clients for email (even if many now like web clients), they would probably have liked client choice for wave - especially if 3rd party clients had shown waves along side email and the like.
2. They were too open. Their programming model for wave (web-hosted applications with read and write access to your wave) had huge security implications. It was not clear from the UI who would have access to your data and when.
Both of these were things that slowed adoption of wave.
It is easy to decode what he was really saying What he says is not really a prediction, it is an admission that Google stores uniquely identifiable data about everything its users do. He is probably right that many of us have predictable search/browsing habits. He is offering to sell Governments a product that matches a browsing profile with users.
I have nothing that I can think of to hide, I think that this kind of thing sits poorly with Google's claim of not being evil.
Shall we all use Microsoft's search product instead?
Of course, it is hard to blame google. Most of us rely on an expensive service they produce for free, and have not been very picky about the terms of service before we have done so.
Reading the Fine Article, I'm very unclear whether his reading would also apply to any code running under an interpreter that was licensed with the GPL. Or perhaps even more than that.
We must recall all the FUD that used to be spread about Linux that said that any program made with gcc would also have to be licensed under the GPL. What is different about the reasoning here?
Which is not to say that the claims here are wrong, but just that I would be rather happier if he had not only said, "This is why I am right in this case" but also given a rather clearer line on "And if this were different I would be wrong..."
What a perfect way to prove just how fundamentally broken the technologies of the web are. Content, arguments, scripts, user-data....it's all just one big mess. I got to the point about hosting content on separate domains to avoid some XSS attacks and thought: when the security *fixes* look like kludges, something is very, very wrong.
...when there is good, reliable, 3g coverage or better everywhere, and when data charges (especially when roaming abroad) are negligible. But frankly, the places I most need GPS are where coverage is poor and roaming charges are high.
Sorry. I did mean second, of course. But then not being American and being home from a long day, I got my numbers mixed! If only one could correct....
Mind you, maybe the mistake is satire in itself! (Though not deliberate, I'll be the first to admit)
And Americans can each have one under their First Amendment Rights, no? It's what Franklin would have wanted....
It reminds me of what a friend who works doing IT for big banks is fond of saying:
"Nothing beats the bandwidth of a lorry full of tape travelling up the M1"
I was going to post a comment on their website, but they will only allow comments from "Supporters".
These guys just can't have it both ways. Either they want a licence fee that Google won't pay, in which case they must surely be happy to see the content blocked, or else they want to be on Google/Youtube's servers, in which case they are going to have to be flexible about the licence fee thing.
The completely unsustainable position is to say, as they seem to be, "you have to carry our content because that is good for our performers, but if you do you must pay this fee."
Are the governments and institutions now calling for better identity management the people who could have helped promote public key based id technology in the 1990s, who could have encouraged better user interfaces, the infrastructure needed to verify ID etc.? Or are they the people who either stuck their heads in the sand or actively discouraged the development of a public-key based system?
Why is it that I still cannot give my bank my PGP certificate and tell them I want any emails they send me encrypted? Why does my bank not sign its emails? Why is it that even companies that used to offer PGP-based communication (Network Solutions, Twate) don't any more?
Two answers: governments wanted to discourage the use of encryption technology in the 1990s; anybody working in the security industry wanted to control every aspect of it and nobody wanted to promote the use of interoperable standards.
And, of course, the OpenPGP crowd didn't help themselves by opposing features (additional decryption keys) that made PKI attractive to business, andengaged in endless arguments about when you should and shouldn't sign a particular key.
The truth of the matter is this: we could have strong identity on today's internet starting right now - if governments stopped being scared of the technology that makes it possible, and if institutions and software makers adopted open standards wholehartedly.
As a recently (converted?) Mac user, one of the aspects of the system I most like is the fact that the Dock displays one icon per application, rather than one icon per window, which rapidly beomes less useful than it might be, but is the norm for Gnome/KDE/Windows.
As a user, I'd much rather click to say, "I want to go back to _this_ application."
If E17 has adopted the Mac paradigm in this respect I'm most impressed.
On a more general note, I wonder how long it will take Apple Legal to become interested.
Some "ISPs" (eg UK Universities) have banned the use of Skype because of concerns about the "P2P" aspects of it - i.e. becoming a supernode. Their concern is both about bandwidth, but even more about the terms of the EULA.
"Gizmo" _seems_ to be free of such problems, and if that is so it could be a great advantage.
How probable is it (and can it be proved mathematically?) that any given "secure" password does not, in fact, give the same MD5 output as a "simple" password?
I know everyone here thinks they are safe because their password is something complicated. It would be a shame if you could also log in by typing "password" at the prompt....
N
On a first reading, I thought the ideas seemed quite sensible. One problem they did address in an interesting way was that of people with several email identities. One of their suggestions is that whoever is hosting the incoming email provides outgoing smtp services too, which would be a change from the (outdated?) idea that one should always use the "nearest" smtp server for all email. Though ISPs who currently block outgoing port 25 (such as my University!) would have to think again.
N.
I would have thought that calling the browser "Mozilla Firebird" solved any name-clash issues.
The new name makes no sense at all. "Firebird" at least reminded one of "Phoenix", ie: a browser rising from the ashes. But Firefox? What's that? Other than a bunch of potential trademark infringements as another poster has pointed out.
So have a whitelist of trusted servers.
Or blacklist ISPs that tollerate private SMTP and do nothing about SPAM.
And blacklist the free web services which don't have some mechanism to discourage the registration of large numbers of accounts.
My point, as I said elsewhere, is not that authenticating smtp users is a solution to all spam in itself, my point is that it would help. A lot.
Yep. Then I can find you easily.
Or use a whitelist of servers which are run by reputable ISPs.
No...I can't claim to get rid of ALL spam using my method; but it changes the problem simply, with technology which could be used right now, and which would make spam a lot harder to do from anonymous accounts.
I'm sick of reading proposals (often from industry profit-seeking types) who want to put a paid-for "stamp" or similar "token" on email. (I'm talking generally, though---yes---I did read this paper)
It looks attractive logic:
1. Lots of people use email
2. We offer a system which will beat spam at a cost---our 'trusted 3rd party' or whatever---but only if people who use it can't talk to anyone else, so everyone has to use it
3. Profit.
This is NOT the way forward on spam. Nor, realistically, is anything which re-writes the rules for email. People like editing headers. In fact, if it weren't for spam, people like email as it is---period.
The way forward seems simple:
smtp servers should start requiring genuine users to log in. (though rarely used, there are smtp systems which allow this, and most major clients---yes even the MS ones---already talk to these servers and have done for years)
servers which don't should quickly find their way onto blacklists.
(I shall leave the exact way these blacklists should be used as an exercise for the reader)
Simple. Low cost. Not a business model; but a clear solution.
Anyone want to start writing to ISPs?
Perhaps I didn't make my point as clear as it could have been. Of course, as I said, Spam is a problem. But there are ways to try to prevent its impact being so damaging, and with this in mind users need continuous education about when to give out addresses. There may even be new laws soon, though I suspect that the legal route will not stop spam.
I did not mean to imply that spam is a problem which should be ignored. When I talked about FUD, what I meant was the flury of stories on the internet at the moment predicting the death of email as a useful system. *THAT*, I think, is unlikely.
I'll probably loose karma over this, but here goes anyway.
Of course spam is an important issue. And it's damn annoying too. But I simply don't believe all these stories about how email is going to become crippled by it.
There are spam filters. More importantly, the use of aggressive blacklists forces ISPs themselves to take a tough line.
The questioner asks what the future for email is. Well, it's simple: email is fine as long as the user is sensible. I have several accounts. I know that my hotmail account is entirely unusuable because of the level of spam it recieves. If I need to give my email address to someone I don't trust fully, I give them that.
I have a work address. This gets a little spam from time to time as the organisation gets targeted. I filter out these spams with my own spam filter.
Mailing lists tend to go to another address. So far, I haven't had too much spam from that quarter.
My personal address is known only to a few friends. So far, no spam.
The rule for keeping your address spam free is the same as it ever was: don't publish it.
Now, what about people who want to advertise their address for open source projects and the like? Well, put it in the source code, in the README files, wherever you like. Just not on your web page.
In the article one of their selling points seems to be that they (microsoft) are making money.
The article talks about government policy that government funding should lead to (which ms has taken to mean "go to") money making companies.
An interesting argument: "buy from me so I can make money". Wasn't that what Real Names said to Microsoft?
....sure, but try recompiling the kernel!
The article states that advertising groups have insisted that their adverts don't get cut in any way, and the company making the product have assured them that it won't remove frames from adverts, only programming.
But why didn't he simply tell them that no one would notice these "pesky duplicate frames"?
The answer must be that you CAN notice a difference. 30 seconds less show in half an hour is about 1 second every minute. That time HAS to come from somewhere, and makers of shows are right to think that this technology will alter aspects of the show -- maybe it will be a subtle change, but a lot of drama is about subtle moments.