Trust in Computing - Apple and "freedom from..."
25 November 2020

“Everything is amazing and nobody is happy” is a sentiment expressed by Louis CK and explained fairly well in The Better Angels of Our Nature: Why Violence Has Declined by Steven Pinker. Similarly, we are in the most usable time of technology and human ability ever. Access to information and functionality has never been more available to more people at any time in history than now.

This marvel is built on an incredible foundation of complexity that even experts can only fully understand a few layers of: the physics of the radio for cell and wifi signals and the light and electrics of wired connections, the engineering of the hardware for the dozens of interconnects from me to Google, the dizzying stack of software from whatever’s modulating and demodulating the physical data signal to the browser interpreting runtime software to add padding to a text field and send data right back down that stack. Plus the organization that requires thousands of people to maintain and develop all these pieces, coordinate and advertise their efforts, and make sure that their output is turned into food and shelter for them and their families. Take away any of these things and the entire thing becomes expensive plastic, glass, and metal.

On Thursday, November 13, 2020 some of Apple’s systems were unavailable for a period, including a service that provides data about signing certificate revocations for running software on Mac OS. If you don’t know what that means, that’s okay. It’s just expert-level knowledge in one of the millions of domains of modern knowledge that people cannot possibly hope to understand even a tiny portion of.

https://news.ycombinator.com/item?id=25074959

To hear the tech experts talk about it, though, your very freedom was being horribly infringed by Apple. How dare Apple dictate what software and in what manner it can be run on a computing device. There were dire warnings of mass abandonment of the Apple ecosystem by developers and what catastrophe their exodus would portend for the company.

I think it was just a bug that happened to affect a lot of people temporarily that will probably be addressed at some point. My browser is taking a few seconds longer to launch because of an availability issue of a security server? HEADS WILL ROLL. Seriously, though, it’s a minor issue with a small component of a much larger complex system designed (and mostly working) to protect the 99% of users from the malicious actions of a small number of experts.

The bigger issue the experts had, though, is the larger security system on Mac OS that this shined a light on. Apple’s “walled garden,” or their locked-down ecosystem that only allows Apple-approved software built by Apple-approved developers to run on Apple-sold devices, is often bemoaned as a freedom-less nightmare. The fact is the walled-garden has done a great job protecting the vast majority of users from the very real threats of privacy violation, identity theft, and monetary loss. They wouldn’t have the expertise to exercise the “freedom” they’ve lost and that freedom would come at the cost of leaving them as a lamb in a world of wolves.

The important distinction (and one particularly relevant to the other situations in 2020) is the difference between “freedom from…“ and “freedom to…“. Many times my freedom to will infringe upon someone’s freedom from. I think that, given the danger of bad actors, the Apple walled garden represents a way for consumers to choose freedom from.

The frustration that the experts who value freedom to have is that it just looks so darn comfy over there in the walled garden. The design is thoughtful and most everything just works. A stark difference from the digital world built on 3 decades of freedom to.

Comments and Reactions


Introducting Atlanta's Best Sidewalks
31 August 2017

I’m sure many of frequent pedestrians in Atlanta have experienced the absurdities of the sidewalk conditions in the city. From just your basic “sidewalkus interruptus” to “sidewalk closed, use other side” on both sides of the street to just a big muddy hole you have to walk in, we have all been victims of the cruel joke of Atlanta’s best sidewalks.

Only in Atlanta: no pedestrian access to park.

Blocking the sidewalk along a busy street with suicide crossings? No problem, just throw up a "sidewalk closed" sign. Pedestrians don't even get a metal plate.

I have launched a gallery to put the best of these examples. I call it Atlanta’s Best Sidewalks. You can find it and post photos of your own favorite sidewalks at: https://www.atlantasbestsidewalks.com.

Go forth and find the best sidewalks in all Atlanta!

Comments and Reactions


Why people hate Comcast
22 February 2016

People love to hate their ISP/Television/Telecom providers, even more than their health insurers somtimes. Why the ire? Why do companies that provide what most people think of as an added-value service seem to hold so much emotional power over them? There seem to be many answers: high prices, missed appointments, service outages, bad support, pushy sales, and monopoly tactics. None of those could account for the absolute contempt that people have for their ISPs.

I think the answer is much simpler than any of those explanations. It’s all about how the providers have framed the relationship with their customers: as an adversary. Because of the way that a company like Comcast chooses to squeeze at every opportunity, the customers have been trained to push back at every opportunity.

When you make a relationship a war, every interaction is a battle.

Indeed, Comcast has made the relationship with their customers a war. Ever year you have to fight with them against the arbitrary increase in price. What you’ve been paying was just an introductory price. You know, like drugs. There’s an actual disadvantage to being a loyal customer.

You get bombarded with sales pitches when you call support to get a broken connection fixed. They seem to be oblivious that a time when their customers’ temperature is running hot is probably not the best time to pitch spending more money. In a sane customer relations department the goal would be to do everything to get the customer happy again. Further infuriating them is just a bad idea. Unless you’re operating from a position of supreme power.

Because in most areas the ISPs operate as a monopoly, they absolutely do not care about their customer relationships. It makes perfect sense from a business point of view. They exist to make money. Customers are money-generating resources to be maximized and happiness costs money. If the only way to get internet access is via Comcast Comcast only needs to keep the customers from deciding to forego internet access entirely. That’s a pretty low bar so Comcast can squeeze their customers pretty damn hard.

The donwside to this strategy is that as soon as a competitor enters the field customers will jump ship no matter what Comcast does. Wherever Google Fiber has entered the market people have subscribed despite it being potentially more expensive (although not for the same service level).

Personally I’d switch away from Comcast even if their service were free. Why? Because they’ve made an enemy of me.

That’s the attitude that the incumbent ISPs have to deal with in any market where actual competition crops up. Maybe I’m overestimating the memory of the average consumer, though. Maybe once the competitive landscape changes and the problems with the new entrants crop up people will forget how much they hated Comcast.

Comments and Reactions


Atlanta urbanism: A tale of public space hostility
17 February 2016

There’s been a lot of discussion of public transit and urbanism in Atlanta recently. I wanted to touch on some observations I’ve made recently about public space.

We recently moved the Time Out Labs office from Midtown to Downtown in the new Switchyards Downtown Club, which is awesome. Kudos to Mike Tavani and Dave Payne for having the vision to put together something startup-oriented and consumer-oriented in Atlanta. It feels a lot like our Hugecity halcyon days at the Goat Farm but with climate control. I’m sure great things will come out of having so many people trying to do such big things in one space.

Being in Downtown Atlanta has been great. As someone who has lived in metro Atlanta his entire life and intown Atlanta his entire adult life I have to admit that I have not given downtown much thought. In my mind it has always been the place where the suburbanite office-dwellers shuffle in for a 9-5 and then flee from the encroaching darkness leaving a vacuum which sucks in the unsavories. And Georgia State. I’m finding that some of the most interesting things in the city are happening downtown, though.

Why wouldn’t they be happening downtown? It’s the densest part of the city in terms of utilizable space. It has multiple MARTA stops. It has the streetcar, which really should be thought of as the first leg of an intown transit network (think BART & Muni in San Francisco) rather than a standalone boondoggle. It has fantastic old buildings. It’s a grid… if you cross your eyes and rotate your left eye 45 degrees. I love the weird back alleys and dives of Fairlie-Poplar. It’s even got the gawking slow walkers taking up the entire sidewalk that you want to push out of the way. It’s almost like being in a real city.

Unfortunately, being in downtown has crystalized the history of what’s held Atlanta back from being a real city:

Atlanta has an unfortunate history of open hostility towards public space.

I consider public space not the opposite of private space. Indeed lots of private space is ‘public space.’ It’s space that people have a pull to be in and its properties are mostly aesthetic. Public space could be anywhere. It could be a sidewalk lined with trees and cafes. It could be a park. It could be the stairs to a grand old building. If you see people milling about it’s probably a public space.

Unfortunately Atlanta is filled with spaces like this:


An actual street in downtown Atlanta. At least it has sidewalks...

This is the opposite of a public space. This space screams with every fiber of it’s being “Get out of here!” This street does have sidewalks, but they’re so uninviting and unsafe feeling I’d walk blocks out of the way to avoid them. The buildings on either side of the street seem fortified against the street. Almost as if a structure could have disdain.

This is an unfortunate legacy from the architecture and urban planning thinking of the 60s-90s. As the suburbs exploded in popularity, downtown remained where the jobs were. The people who successfully created little insular spaces for themselves in Roswell wanted to stay ‘protected’ when commuting into Atlanta. We obliterated lovely historic neighborhoods to accommodate the desire to be fortified in a vehicle while driving to a job. We designed office buildings that barricaded themselves against what was surely irreversible urban decay.

The line of thinking was that urbanness was an unfortunate holdover of days when lack of car and computer forced people to live in close proximity to each other. Indeed people were waiting for the day that they wouldn’t even have to spend any time in a city at all because of the promise of telecommuting. Everybody could live the 50s dream of a suburban house with a neighbor on each side and a shiny new car in the driveway.

And so acres of well-built urban public space in Atlanta were torn down to fortify against the legacy of urbanness. Instead of the public-facing buildings we once had, we have inward-facing buildings like the Americasmart, Westin, and the Marriott Marquis.


Atlanta's fortified spaces. Top: The Marriott Marquis with its glorious inner volume and big middle finger to Peachtree Street. Bottom: An Americasmart building (one of four buildings) hoarding is interior space.

It’s almost as if the buildings expect their inhabitants to barely tolerate holding their noses against the stink of being in the city until they can reach the fortified public spaces they hide inside themselves. They acknowledge the importance of public space while trying to make it as private as possible.

This is the legacy that we have to fight against in making downtown a space that people want to spend time in again. Most of the structures are not going anywhere. All we can do is make sure we don’t make these same mistakes in the public spaces we are creating now. We’re not doing a fantastic job. Somebody let Emory build this in Midtown:


Emory's Proton Therapy Center in Midtown.

Even today we’re seeing naked hostility towards the public space in Atlanta. Not only did someone think that this was an appropriate building facade to put on Juniper Street, the sidewalk is still closed today.

Comments and Reactions


Encryption is a lock on digital doors
15 December 2015

Another day, another politician saying that law enforcement needs the ability to define mathematics: http://www.dailydot.com/politics/carly-fiorina-encryption-backdoors-crypto-wars-2016/… not that I’m saying that Fiorina would make a bad president or a bad tech company CEO (she most certainly would and has). Plenty of other politicians, actually most of them, have made some kind of statement saying that we need TSA locks on every digital door.

There are several problems with this plan:

Internet locks are not like physical locks

Everybody loves analogies to explain technology, so let’s start with that. Law enforcement rightly has the authority to break locks on doors to access places they have a warrant to access. They do not, however, have the right to dictate the nature of the door or locking mechanism. What people are proposing now is just that: dictate the nature of the locks on digital doors.

This is problematic because of the difference between a digital door and a physical door. Part of the security of a physical door is its spatial isolation. A door can be hard to get to. You have to physically pass through and occupy space around that door to get to it. For a locked door that you don’t have a key for, you have to physically modify (usually break) the door.

Digital doors have none of these limitations. You don’t have to physically do anything. Digital doors are not isolated in space. They exist everywhere at all times. A better way of thinking about it is like this:

Your digital doors open into every other room and space in the world, accessible by criminals and friends alike.

Wouldn’t you want the locks on those doors to be as strong as possible? Would you want to weaken them because the police say “That lock’s too strong, we need to be able to access your house in the event of a crime or emergency?” Of course not, not when every criminal in the world is literally waiting right outside of it.

Would you give a spare house key to every police department in the country?

No, of course you wouldn’t, because that’s insane. You’d have to place massive amounts of trust in a huge number of people and bureaucracies. Once violation of trust and security and that key ends up in a criminal’s hand. Except it would be every criminal’s hand. And every criminal is waiting in that room that has every digital door in it. And that key opens every single door there.

Math does not work like that

Encryption works because of math. It works because it takes a long time to compute something without knowledge of a special number. If you have that special number you can make that computation. This allows us to ensure that when we ask our bank’s website to withdraw $100, they can be sure we are who we say we are, and there is nobody listening to our conversation to gain the knowledge of how to withdraw more money.

What these proposals are talking about is changing that computation so either:

  1. You don’t have to have that special number if you make the computation a little differently and only the government would know how.
  2. You could use a ‘master number’ like that master locker key the janitor had in High School in lieu of the special number.

Both of these break the trust of the computation. The first one relies on only the ‘good guys’ knowing the method. The second one relies on only the ‘good guys’ having the master number. These methods are known as Security through obscurity. Secrets never stay secret for long and this would be the world’s highest profile secret. Anybody who had this secret could open any digital lock on the planet.

Maybe some laws should change

So we have a situation where the only rational design of the system does not allow access to law enforcement servicing a lawfully issued warrant. This is a problem, I will not disagree with that. The solution, however, is not to break the fundamental principles of secure digital communications.

With physical doors, an owner of the door would not have to supply a key because a bolt cutter or battering ram could be utilized. With digital doors it is actually impossible to open the door without the number.

The US Constitution protects US citizens from being forced to incriminate themselves. A lot of people (and courts) have taken this to mean that people can’t be forced to unlock digital devices and information because communicating a password or key would be incriminating themselves. This is not an unrational position to take.

Maybe, though, when a lawful court orders someone to open a digital door we should not consider that self-incrimination. They could always refuse and face contempt of court. This would have to be done on a case-by-case individual basis, though. It would have to be done in the open by a judge. This is the only way I currently see to keep information secure and not completely shut out lawful law enforcement.

I don’t know, though, I’m not a lawyer. That could open up a bigger can of legal worms than I can anticipate.

Comments and Reactions