“Got kitesurfing on the mind, mixed with some search & classification tech, and a dab of political ranting”

Archive for July, 2006

Disintermediation, or adding value to content using plug-ins

Posted by direwolff on July 29, 2006

Recently, I began using the coComment plug-in to keep track of the comments and discussions that are taking place in blog posts I follow. I have to admit, the simplicity of the application (or at least the appearance of simplicity) is awesome, and even more cool is how the comment entry and tracking capability is seemlessly integrated into the comments area of blogs. Where one wants to just begin discussing some miscellaneous page on the Web, that too is easily achieved by clicking on the coComment icon that appears in the browser (in the case of Firefox it appears right next to the home icon).

So this got me thinking, with this plug-in, coComment managed to kind of disintermediate blog site visitors who want to comment on the blogs they read from the blog application providers (ie. SixApart, WordPress, etc.). Sure, the comments still appear on those blogs and perhaps even the ability for that to happen isn’t truly being interfered with, but the ability to capture information at this stage means that coComment didn’t need to have a deal with the blog application providers to coordinate them sending the comments from blogs to coComment’s data repositories. Mind you, it probably would have been a monumental task for coComment to get these application providers to agree to even do this.

Another technology in the plug-in space is the AttentionTrust Recorder. They have been able to avoid coordinating with Web sites for individuals’ cookie crumbs, basically getting at the traffic information of what pages each visitor looked at on a publisher’s site. By being able to leverage the plug-in to track and gather this visitor traffic data, they can easily aggregate this across all sites without having to strike relationships with each site, so long of course, that the end-user opts-in to the service.

Plug-ins open up opportunities for valuable end-user services that can even leverage the content that users are seeing and be more easily deployable, without needing the cooperation from other Web sites. If you think of all of the service providers that try to get Web sites to integrate their content or functionality, to the extent that what they’re offering is truly of service to the end-user, plug-ins really offer a smart way of going direct to them. This really has me thinking of some interesting applications that can leverage site content to provide real end-user value.  While I’ve probably only confirmed here my status as “Master of the Obvious”, given the fact that I still see lots of service providers going the path of doing deals with sites for distribution on onerous terms or for little added value to all parties, I feel that plug-ins have been under appreciated by service providers.


Posted in Technology | Leave a Comment »

Oil companies hitting record profits…again

Posted by direwolff on July 27, 2006

I’m all for companies profitting in the tradition of the American Way, but when it’s on the backs of hard working people, there has to be a way to keep this in check. Exxon Mobil announced today its 36% earnings increase in profits from a year ago, (comments on the Huffington Post’s news clip on this do a good job of showing the anger people are feeling about this). This article also discusses the stellar performances of Royal Dutch Shell, BP, ConocoPhilips, and Chevron is expected to announce its financial results at the end of the week. Now one has to wonder how this is all possible when the oil companies have been claiming that their prices are increasing resulting in average consumers getting pumped at the pump. They also claim growing costs for exploration. In my “stupid pet tricks” math, I’m trying to figure out how a company can make more money when all of its costs are increasing unless of course it’s charging its customers at a greater rate than the costs are rising. I’m happy to claim ignorance on how all of this works, but it does seem a might peculiar how all this seems to working out with an administration full of former oil executives at the helm. I’m not saying there’s anything wrong with that, but…

OK, now let’s contrast all of this with the following Washington Post story from April 26th of this year, “GOP Blocks Measures Boosting Taxes on Oil Companies’ Profits“. Wake me up when this nightmare is over. By the way, if you don’t think any of this affects our country’s security, then it’s probably time that you go back to that sleep you’ve been enjoying.

Update 8/3/06: A friend yesterday made a very estute comment on this matter, saying something has to be wrong if in a competitive marketplace all of the incumbents are making record profits at the same time. I have to agree with him, and while I’d hate to use the term collusion, I will.


Posted in Public Policy, Security/Privacy | Leave a Comment »

“…just another brick in the wall”

Posted by direwolff on July 27, 2006

Now it’s license plate tracking that’s facilitating the further erosion of our personal privacy, and incidentally our security too as a result. This Wired article lays out this existing technology that is now being prepared for deployment into the private sector. Note the article’s mention of ChoicePoint and Axciom as prospective data acquirers here, just the companies we want to hear about getting involved with this at some point.

Posted in Security/Privacy | Leave a Comment »

Identity or lack thereof online, why does it have to be so?

Posted by direwolff on July 26, 2006

Just read an interesting post on titled “Identity is dead. Get over it.”, by Sean McGrath. It is an interesting quote lifted from something Scott McNealy apparently said. The quote itself is something I’ve been thinking about lately because the fact is that mainting one’s privacy and/or anonymity in today’s world is actually very very expensive and getting more and more impossible to do. What would it cost to rent a car or a hotel room without a credit card? Most car rental agencies and hotels won’t even consider doing this, but I’m sure if you laid down the price of the car in cash they’d make an exception (not sure how much hotels would consider being enough for a room). Even in the cash only world you’d have established, how do you get that cash, since ATM transactions would maintain transaction records in your name and ATM cards are generally co-branded by the card associations (Visa & Mastercard) and dubbed debit cards (which process through similar networks as the credit cards). Hmmm…

OK, let me put that aside for now, what really iritates me these days is the fact that every Web site or Web service requires a new user name & password. For Pete’s sake!!! I’m not suggesting that they give up on registering members, but can’t sites begin to agree on standards for logging in to their services. I mean how many times must companies develop or integrate user authentication services before someone figures out that this is not a critical component of the businesses they operate. There are solutions floating around like inames and SXIP Identity which are making headway here, but why aren’t all Web masters jumping aboard one of these bandwagons? Why all of the resistance? How much disdain do Web masters have for their constituents to constantly require them to confirm e-mail registration notifications. Well, I for one look forward to the day where this madness ends.

OK, two rants for the price of one post. In coming to terms with the constant public policy, governmental and industrial challenges to what was once thought to be our private information, I’m also realizing that the tools we’re provided online to manage our identities suck! I continue to keep my eye on the advances being made by the AttentionTrust and various other services out there, but it seems like all of the initiatives being discussed and debated are running way behind the policies which are destroying our last remaining rights to anything private.

Posted in Public Policy, Security/Privacy | Leave a Comment »

The Supreme Court says it, the ABA says it, but I guess that’s just not good enough

Posted by direwolff on July 24, 2006

Finally, some of the folks who ought to know how to interpret our Constitution and the laws of our land are standing up to the misguided, and at times inane, interpretations of our legal system that this current presidential administration has been making. This piece goes in depth to explain the impact of the outcome from a recent Supreme Court hearing on the so-called “enemy combatants” issues. And yes folks, in case you didn’t already know this, our president should be tried for war crimes as he has violated international treaties. This UPI article shares the perspectives of the American Bar Association (those damn bleeding heart liberals) as it relates to the actions the President “W” has taken to skirt the law.

Now let’s see how the president’s supporters defend these attrocities on our laws and the Constitution…’cause I’m sure they got a good answer for this one too.

Posted in Public Policy | Leave a Comment »

Privacy and security beyond our control

Posted by direwolff on July 20, 2006

Picked a bad day to depress myself by reading about privacy and security issues off of Bruce Schneier’s blog and then on to his latest Crypto-Gram. Thought I started the day on positive note, getting a lot of good work done and then at the realization that I hadn’t kept up with security reading, I decided to get that done. No regrets, but no joy in Mudville either.

So for all the noise you hear from people saying how they want to keep their information private and secure, what’s not often realized is that it’s actually all quite beyond our control despite our most valiant efforts. Why do I say this? Well, let’s see, I’ll start with the milder privacy issue and work my way up a heartier security issue (breach).

On the privacy side of things, how many people think that their business card is private? This has to be an interesting question because you can think of how many times you might have decided not to give someone your business card for whatever reason. Perhaps you didn’t like the person, or perhaps you just didn’t want them knowing who you were. Well imagine if every time you gave out your business card, you essentially were doing the equivalent of posting it to a big database for any one to have access to, at will, and without need for your permission. This is especially scary in an age where we’re now getting more comfortable adding our mobile phone numbers to our cards. Does this worry you? Well, there’s a company called Jigsaw, founded by some smart people that does just that, and because I know they mean no harm it forced me to think through what the implied privacy social contracts that go with handing someone your business card. Heck, Jigsaw even rewards its users for providing their contacts into their system by allowing them to get access to contacts they want.

So what’s the implied contract in a business card exchange? Well, I’m generally looking or have just met the person to whom I’m handing my contact information. Frequently, I give my card because I desire further contact with that person, and because chances are they have given me their card too then I know that we both have equal stakes in not violating the integrity of our meeting. This is also why it can be awkward to hand someone a business card and get none in return. You feel exposed almost, like you have nothing from the other person in this exchange.

With Jigsaw, this social contract goes out of the window, though the reality is that there was never a formal social contract to begin with. No matter how careful I am about whom I give my card to it no longer matters since they can then easily put it into Jigsaw and now any one can have it. The reality is that this could have happened any way for the asking. In other words, someone I met and gave a card to might have passed my card on to another colleague, but there’s still this link between us. With Jigsaw there doesn’t need to be any link. It’s one of those cases where the privacy one got in the business card exchange process was that there was no easy way to quickly disseminate this information widely and indiscriminately. Technology really helped play a role here. Kind of like the story of the waiter stealing your credit card, as it’s not practical for him to steal millions of them and easily sell them or monetize them, but online you hit one database and voila…millions of credit cards with which the savvy hacker can issue transactions right away and even simultaneously. Technology playing the role of disseminator. I guess this makes a good segue into the ‘security beyond our control’ issue.

Checkout this story about how 40 million credit cards were vulnerable to a hack. Imagine that, you sit around not doing business with any site or business you don’t trust, simply using your credit card for transactions with only reputable banks and merchants and just like that one of the companies in the transaction food chain get compromised. CardSystems Solutions suffered just such a breach.

Stories like this one really put it all in perspective for me. At the same time, at least in this country, I also realize that there’s no real desire by the credit card companies to really enforce security measures. In Europe, because of their expensive telecommunications fees, a simple security mechanism was put into place that forces a PIN to be entered for any credit card transaction. This PIN does not appear as 3 digits on the back of a card, it’s like the PIN one uses for ATM machines. The effect of this is that at least counterfeited signature fraud is thwarted, but it could also address the issue of transactions on the Net by doing an authentication on the spot before ever transmitting any information over the Net, and cards in a merchant’s database would be useless without the PIN authenticating step. I’m not trying to solve this problem here, but suffice it to say, there are solutions that are just not being attempted for reasons that have little to do with security.

So are we in control of our privacy and security? Certainly the lobbyists for the direct marketing industry would fight against this and explain it in economic terms and the harm it would do to their industry if people could own their own information. Even the Europeans, who have been stalwarts of privacy are now beginning to bow to U.S. pressure in the name of (dare I say it) “The War on Terror”.

OK, enough bantering and ranting for now, just know that in the areas of privacy and security, the citizens’ best interests are not those being fought for.

UPDATE: In an ironic twist, I was going to put a link to the CardSystems press release that I found off the Crypto-Gram reference list, and when I clicked on it ( I got the following error message (note: I’ve been using the new Flock browser which may have something to do with this, but nonetheless give me a break on the severity of security notification here. WIsh they’d thought of that when the 40 million cards were getting hacked into.):


Web Server Security Alert

This website uses a
special security software that monitors suspicious network traffic and
behavior. If you feel that you have caused this security error
unintentionally, please contact the website administrator at the address
below and be sure to include the reference ID in your message.

Email contact: Cardsystems
Client Relations

Reference ID:



Posted in Security/Privacy | Leave a Comment »

Security because it’s fashionable

Posted by direwolff on July 20, 2006

If this post from Bruce Scheneier’s “Scheneier on Security” blog doesn’t epitomize so many of the pseudo-security initiatives that have taken place in our country since 9/11 then nothing does. It’s almost like our Department of Homeland Security sits around saying, “we’ll enforce this security measure unless a strong enough lobby fights us on it”, where the issue of whether the security measure actually works or is even truly useful and hopes to prevent anything at all is not in question.

Scheneier hits this issue dead on, but I thought it worthwhile to provide a taste of the news story below so you see how outrageous this is getting:

Some passport exemptions likely: US Homeland Security Boss

The U.S. Secretary of Homeland Security said while in Edmonton on Tuesday that certain types of travel will be exempt from new regulations on border crossings between Canada and the U.S.

“In particular, we will not be, for example, including in this set of regulations a requirement for passports for ferries or private watercraft, recognizing that this is a particular form of transportation that we don’t want to interfere with,” said [Michael] Chertoff.

Like somehow terrorists aren’t going to be using ferries or private watercraft. Is any one listening when these people are talking or can they really say just about anything and get away with it?! Check out the picture in the article, our faithful leader stands right there supporting his handpicked administrator. Please!

Posted in Security/Privacy | Leave a Comment »

OpenDNS, the value is in the stream

Posted by direwolff on July 19, 2006

The comments on the new OpenDNS service on both the Photo Matt and TechCrunch blogs are interesting in so far as raising some of the basic pros and cons of this service. But as I think about the value for OpenDNS providing this free service, I ask myself, “how valuable is it to know users clickstreams?”.

If we consider companies like ComScore and Nielsen who have made their living from providing statistically significant information about the traffic to web sites, then I’d have to guess the answer to my question is “a lot”. While I don’t know the details on OpenDNS’ ability to identify users of its service, to the extent that they can even do this at a minimal level (ie. just know users by their clickstream not by any personally identifiable info), then they begin to enter the realm of behaviorial ad targeting companies too. Hmmm… sounds like they could be at the intersection of some pretty significant business models with what seems to be a lil’ harmless phishing blocker and spelling correcter.

Would love to read the business plan that justified the likely infrastructure that they have had to build to provide their service as this could be very telling of their plans.

Posted in Technology | 2 Comments »

"Trust us, we have nothing to hide”

Posted by direwolff on July 19, 2006

In Jason Ryan’s ABC News article, “White House Blocked Spy Program Probe“, you begin to see the extent to which our current administration is running amock, where even an oversight division within the Justice Department is being kept in the dark about what some of the other DOJ members are doing.

And with all that has transpired to date, it’s as though the administration and Attorney General feel they should simply be trusted. I’m still perplexed when I hear people refer to former President Clinton’s sexual indiscretion with greater disdain and as a cause for great lack of trust in government, than the totalitarian leaders we have in place today. Crazy.

Posted in Public Policy | Leave a Comment »

Google Checkout, a shot across the bow of…

Posted by direwolff on July 18, 2006

There’s been lots of talk about Google Checkout being a threat to Paypal.  Personally, while there may be implications there it’s not where I see the most significant threat.  The real threat is to all of the affiliate management service providers.  Companies like Linkshare (recently acquired by Rakuten), BeFree and Commission Junction (owned by ValueClick), who have been in the business of tracking sales driven from merchants’ affiliates.  Google recently hinted that it would be releasing a CPA (“cost per action”) model which is one of the business models supported by the affiliate systems.  While the positioning that it enables the foiling of the click fraud is a good one, the reality is that it also puts Google in a position to augment its available business models and move into the service areas currently under the auspieces of the affiliate management systems. 

To add to the introduction of the CPA model, the Google Checkout component is really the icing on the cake of their strategy, since it enables merchants to participate without requiring any software installation.  By having merchants encourage their customers to use Google Checkout, they gain the same tracking capabilities as they would through the affiliate systems.  However, because so many merchants already use Google for their other advertising needs through AdSense and AdWords, they can now manage all of their campaigns from one central dashboard.  Combine this with the fact that Google can leverage their AdSense business with merchants to provide free Google Checkout services, and you’ve got a pretty tough proposition for the likes of Linkshare and Commission Junction to really be able to compete with.

Click fraud has been around for much longer than any one will admit and only the affiliate system companies were aware of the level that it had reached, and were laughing from the sidelines knowing that their CPA and commission-based business models were immuned from this sort of activity.  With this game changing news, it will be interesting to see if they begin getting acquired by the likes of Yahoo!, MSN and AOL as a means of maintaining their competitive edge against Google, because going it alone may no longer be viable.  In the case of Linkshare and their parent Rakuten, their Japanese holdings are pretty significant so I’d worry less about them, but ValueClick may not necessarily have the firepower to combat Google on its own.  Needless to say, things should get interesting.

Posted in Online Community | Leave a Comment »