Shared posts

15 May 18:11

RE: Thinking About the Fluent Design System

Paul Thurrott:

With its Fluent Design System, Microsoft is finally moving past the flat world of Metro and embracing a model that works with many more devices and input types. But are they just making the same mistakes all over again?

No. If they are making any mistakes, it's not the same mistakes.

During a conversation that Microsoft officials had with the press and bloggers at Build 2017 this week, the firm explained that Fluent is “not a revolution” but is instead a “journey to a new point.” But put in the context of Microsoft’s sweeping strategy shift with Windows 10 and its embrace of a heterogeneous world of devices, most of which it does not control, I feel that Microsoft is undercutting the importance of this new design.

Microsoft may have downplayed Fluent in private conversations with press and bloggers, but that's not the impression I (and I suspect most others) took away when watching its public reveal. At the same time, based on what I've seen of Fluent, I don't think it's a revolution either. But even if it isn't, that doesn't necessarily make it any less important.

At this point in time, Fluent is incomplete and it has no hard release date or milestones. Instead, Microsoft seems to be sort of making it up as it goes along, and implementing Fluent design elements in a rather haphazard way. For example, there are a handful of Fluent design touches in some Windows 10 apps in the Creators Update. And Fluent will not be fully realized, or completed from a design perspective, by the time the Fall Creators Update ships in September.

I have mixed feelings about this. On the one hand, I'm relieved by this admission because although there are elements of Fluent already showing up in Windows, to fully realise the design vision set out by the system in the relatively short time between the spring and fall updates is asking for too much. And to promise otherwise would suggest this isn't a serious long-term play. However, much like how Microsoft's Surface hardware is in multi-year development before being announced, I'm curious why Fluent wasn't being fleshed out in secret in the five years since Windows 8's release. And for Build 2017 to have been used as the stage to finally drop Fluent not as mostly a concept with an associated set of goals, however ambitious, but as a proof-of-concept for developers to refer to immediately.

I wasn’t initially bothered by any of that. Mostly because Microsoft is doing a much better job of explaining its goals with Fluent than it did with Metro, its previous design language, back in 2010. At that time, Microsoft’s overly-pedantic designers beat us to death with overly-detailed and flowery explanations for why this design style—modeled after classic Swiss graphic design and transportation iconography—was so superior.

I disagree. Metro didn't need to be explained when it was revealed. It wasn't an abstract vision. It was elegantly executed.1 Fluent appears to be pre-pubescent in comparison. So much so, I'm still not entirely sure what Fluent is. And I don't think Microsoft does completely either in fact. Not yet anyway.

Microsoft never saw any real success with Metro, let alone in explaining it to the public. But this flat design style was later stolen by both Google (Material Design) and Apple (starting in iOS 7), and neither of those companies ever bothered to thank Microsoft for leading the way.

This paragraph bugs me.

Firstly, Windows Phone's failure isn't in any way connected to Metro. Android/iOS users didn't not switch to Windows Phone because of design xenophobia. As a design language it was a success. It is what drew me to Microsoft products. And I know many others.

Secondly, it is a gross over-simplification to suggest Google and Apple stole Microsoft's "flat design style". Not all design that rejects skeuemorphism is the same. Microsoft didn't invent this style; they may have popularised it digitally but it's such a broad style that I find it impossible to credit it to a single entity. Especially when there is a web of designers (pun intended) pushing new ideas on a daily basis.

Finally, Google and Apple hire smart people i.e. not the level of designers whose only reference point to guide their designs are their competitors'. Or I'd like to think so anyway.

Where Microsoft is stumbling, however, is in repeating some serious mistakes from the past. You may recall that Microsoft excitedly described a Longhorn future that would never happen at PDC 2003, and that the firm’s supposedly live code shown on stage was later revealed to be mocked-up demos that never evolved into an actual product.

Well, they’ve done it again. The Fluent designs that Microsoft showed off this week at PDC 2013, almost exactly ten years later, were clearly fake, and not running code. And it’s not clear that Windows or the other products that will utilize Fluent will ever look as good as those demos.

I don't know what demos Paul is referring to, but I don't think Microsoft were trying to mislead in the concept video. It was a vision they were communicating in a series of artifacts. Everything they shared after the reveal re-enforced this position. Having said that, I can relate with Paul's overall skepticism. Mine was softened though after watching a Build session showing off a sprinkling of Fluent goodness coming to Edge.

This is disheartening, and it makes my earlier points—that Microsoft is making this up as they go and has no clear schedule milestones—more troubling.

They are figuring things out. That's very different to making stuff up as they go. Design is a process. It is however puzzling, going back to my earlier point, that they haven't finalised the design many years after Windows 8.2

I’m not going to judge Fluent or Microsoft’s design intentions prematurely. But I do want to raise these issues now because the community is once again excited by a direction that may never be realized. And because the products that influenced Fluent—like HoloLens—will never be mainstream, leading me to wonder why the flat, 2D interfaces we actually do, and will, use should be changed unnecessarily.

Four of Fluent's five pillars (light, depth, motion, colour) can, if applied tastefully, result in a superior 2D interface. I have different concerns. And that is that developers are too excited by Fluent. The Windows UI team are absolutely killing it. But just because they now provide you with magic sauce doesn't mean you need to use it just so you can say you have. Restraint will be critical. Otherwise, all apps will look and feel the same. This lack of originality in apps will make for an inferior Store.

Consider the following: Back in the 1990s, Microsoft changed the toolbars in the key Office applications—Word, Excel, PowerPoint—to be as identical as possible so that users could transition from one application to the others more easily. This is the type of thing that makes sense to virtually everybody because it sounds logical enough. But what Microsoft later admitted is that this design change was done without any research at all—it just sounded right to them as well—and that when they later did do that research, they discovered a contrary truth: Human beings are pretty malleable, actually, and they have no problem using different user interfaces in different applications.

We probably lost decades of productivity to this mistake, and while it’s impossible to know how or if Word, Excel, PowerPoint or other productivity applications might have been made more efficient years ago, we can at least apply this learning to the present. And with Fluent, specifically, it’s unclear to me why a PC, phone, or tablet UI needs to be made consistent with a HoloLens or Mixed Reality headset UI.

Because they all run Windows. And Windows shouldn't feel different when it runs on PC vs any other device type. But that shouldn't stop it from having a bespoke UI that retains UI elements that make sense to and dumps and/or replaces ones that don't.

Consider the live tiles that everyone seems to love so much. This kind of interface, which provides “at a glance” live information on rectangular surfaces on a home screen makes tons of sense on a smartphone or even a small tablet. But it makes zero sense on a PC, especially when that interface is hidden in a Start menu you need to manually toggle. Live tiles are a great example of a UI not scaling between different form factors.

This is sort of correct. Live Tiles on Windows 8 made sense - when the Start Screen relegated the Desktop to being another app. But with the Start Screen becoming a tablet afterthought in Windows 10, I agree Live Tiles' role has become questionable. But that doesn't mean Live Tiles' design doesn't work on a PC - their location inside the Start menu doesn't (glanceable information isn't only useful in a mobile context). What makes Live Tiles Windows-y isn't where they live but what they are and I'm unconvinced that there's nowhere appropriate within Windows for them to exist.

Now consider the flipside. As you must know, one of the central successes of Windows 10 is that some of the current UIs actually do scale very nicely between different devices types: Just resize a UWP app like Groove or News into a phone-shaped portrait rectangle on your PC screen to see what I mean. So Microsoft may, in fact, be onto something, at least in some areas.

This is impressive, but not really something I take advantage of often. Mainly because I find in most apps' cases I never need to have them resized to be phone-like.

Don’t get me wrong, I don’t have any answers here, I’m just raising the question. We’ll have to see how Fluent evolves over time, and how broadly Microsoft introduces these design elements into its various software products. For now, I’m a bit nervous that they are just making the same mistakes all over again, but I’m likewise happy that they are at least trying, and seem interested in feedback. If they can approach Fluent with the same customer focus that they use with the Windows 10 Insider Preview, this may all work out just fine.

It's cool that Microsoft want to involve Windows Insiders (i.e. outsiders) in helping shape Fluent. But I'm hoping they're going to be used mostly for validation rather than direction. Strong design has personality. Like Metro. That will be difficult to achieve if you're being designed by whatever thousand number of Insiders.

1. No doubt helped by the groundwork laid out originally with Windows Media Centre and later refined in Zune.

2. I'm primarily ignoring Windows 10 because as far as design goes I didn't consider it ambitious and maybe even a regression (Start menu's return aside). Windows 8 was confident but maybe too confident. Windows 10's current staleness on the other hand can be linked to its primary goal of making amends for Windows 8's perceived missteps more than anything.

15 May 17:32

History strikes again

by Stephen Rees

bike path 30s

After the Greater London Council was abolished (1985), I managed to secure new employment with the Department of Transport. I went through a competitive recruitment process and was appointed an Economic Adviser (Grade 7) and my first assignment was to the Traffic Policy Branch. I think a lot of that was due to the fact that in the run up to abolition there had been a hard hitting campaign which was pointing out some of the lacunae in the government’s assessment of the task in front of it. For instance the GLC had one man who wrote all the traffic orders for the metropolitan area. After abolition, it looked like there would have to be 32 – one in each borough. Not exactly the great boost to efficiency that was predicted. I also happen to think that someone had a sense of humour since the Under Secretary I reported to at Traffic Policy was called Neville Rees.

Most of my time as the economist of the unit was to try and make some sense out the mess that had become of parking in the capital. The politicians, of course, insisted that it was simply a matter of the market producing the optimum solution. There was no market where the hidden hand could work its magic. There had to be policy and there had to be regulation, but mostly there had to effective enforcement – that had collapsed under the weight of indifference to traffic policing at Scotland Yard.

This is a good story but it will have to wait, because now we turn to what was going on in a quiet corner of the office. There were two engineers who were trying to improve the dreadful numbers of collisions involving cyclists. The cycling lobby was pushing hard for the government to promote cycling. The policy at the time was to resist any promotion at all, since the more people who cycled, the worse the casualty statistics. The engineers were coming up with real, hard engineering solutions. Finding safe routes, better separation and better sight lines at intersections. Their mantra was to make cycling safer – and every time they did more people started to use their bikes. And just to make this perfectly clear, their remit was national, not just London. Two engineers, tiny budget for a small number of carefully selected projects. No actual program to promote anything.

My father had been an avid cyclist. Back in the 1930’s car ownership was low, public transport was plentiful and cheap, but young people used cycles – especially for recreation, sport and commuting. When my Dad was evacuated out to Egham with the Public Control Department of the LCC (1939) , he rode his cycle back to Manor Park every weekend. He could do that because when the great network of road improvements was built – mainly as a way to relieve unemployment during the Great Depression – cycle paths were always added to these new roads. For instance the Great West Road, Eastern Avenue and the East Ham ByPass all come to mind.

When the cycling engineers and I talked about what they were trying to do, I mentioned this history to them. They were pretty dismissive. So imagine my surprise when I came across this article in the Atlas Obscura.  I knew these roads and had tried to use some of them in my own youth. By the late 1960s much of them were being used by residents along these roads to park their cars.

In the years that followed the construction of the cycleways, though, cars became the predominant form of transportation, and the bike lanes fell out of use. Even the Ministry of Transport forgot that it had built them. “Within 40 years, it had been lost in their own department that they were doing this,” says Reid. He read the ministry’s minutes going through the 1960s and found records of ministers saying that they’d never built anything like a bike highway before.

So once again, just like bringing back the trams, or re-opening the railway lines closed by Dr Beeching, Britain is now rediscovering what it lost in the rush to motordom. They could have done it thirty years earlier.


Filed under: bicycles, cycling, Road safety, Transportation Tagged: bike paths, cycle track, roads
15 May 17:31

Week 149 #dontbreakthechain

by Volker Weber

4e3d3d442bd9b622f718b9acd4398cca

Gestern gab es ein zusätzliches Achievement: Workout mit einer (!) Meile zu Fuß (oder dem Rollstuhl) und die "Mother's Day Challenge" war im Kasten. Ich habe das erst spät mitbekommen und bin noch mal raus.

Muttertag ist wie Vatertag kein welt-einheitliches Datum und so hatte Apple das nur für USA geschaltet. Wenn man die Watch auf die US-Region umschaltete, tauchte die Medaille auf und wurde nach dem Workout zugeteilt.

Das hat natürlich auch einen technischen Grund. Eine Meile Workout mit GPS reichen aus, um die Schrittänge zu kalibrieren. Damit kann die Watch in Zukunft besser aus dem Schrittzähler auf die Strecke schließen. Wer das noch nicht gemacht hat, sollte es nachholen. Outdoor Walk auf freiem Feld mit gutem GPS-Empfang für mindestens 15 Minuten.

07504cc8b1bb992bdeb2ba091a160054 14ad22f3464a9ea3e439d5af9b04031d

Alper, Anton und Jan sind ebenfalls noch mal raus, und André macht jetzt auch mit. :-)

15 May 17:31

Capturing Community Visitors

by Richard Millington

You can’t do too much about the number of lurkers in a community. You might be able to shift the metric (participants / registered visitors) by a percentage point or two, but this comes at a crippling opportunity cost.

And that opportunity cost is to capture your current visitors.

You should worry far less about lurkers and far more about visitors who never come back to your community at all.

When you build up a detailed profile of your visitors (the people that visit but don’t register), you will notice that the majority of these visitors were entirely satisfied with their community experience.

They visited, received an answer to their question, maybe browsed a few other pages, and left.
If they have another question, they will visit again. But that’s not very likely.

You will also notice that they are open to being surprised. If you can give them useful tips they can use, highlight some people to follow on Twitter about the topic, or prompt them to sign up for a relevant webinar, they would be interested. But it has to be really relevant to their situation.

This is really hard to do in most communities as it involves either manually going through your most popular discussions and adding/updating links or tweaking the technology to enable pop-ups or other notifications of something surprising.

But the opportunity is there. It’s a big opportunity. Most visitors leave your community entirely satisfied. What if you can keep them there and engage them in something exciting?

p.s. Podcast interview on all things entrepreneurship.

15 May 17:31

Twitter Favorites: [dale42] Just spent 2 hours organizing/deleting notes, references, ebooks & other collected hard-drive files. Curation feels good!

Dale McGladdery @dale42
Just spent 2 hours organizing/deleting notes, references, ebooks & other collected hard-drive files. Curation feels good!
15 May 17:31

Twitter Favorites: [dale42] I haven’t spent enough time on curation/introspection/review. Only just now feel like I have an organization that works for me.

Dale McGladdery @dale42
I haven’t spent enough time on curation/introspection/review. Only just now feel like I have an organization that works for me.
15 May 17:31

Twitter Favorites: [adamrg] @sillygwailo Turns out Apple is only 19% of Americans' favorite pie. As for Mom? She stuggles with the key "males… https://t.co/bTmixChPKg

Adam Gessaman @adamrg
@sillygwailo Turns out Apple is only 19% of Americans' favorite pie. As for Mom? She stuggles with the key "males… twitter.com/i/web/status/8…
15 May 17:31

A FIT-to-GPX Converter that Understands FIT Version 2

by Jeffrey Friedl

Nikon D4 + Voigtländer 125mm f/2.5 — 1/200 sec, f/2.5, ISO 6400 — map & image datanearby photos
That Face
when you realize that Garmin has screwed you yet again
( statue at the Ushio Kannon Temple — 牛尾観音 — described here )

I've complained for more than a decade about what a horrible company Garmin is (such as here in 2006, here in 2013, and here last year, among others). The only thing worse than their hardware design is their software design, but it's a strong competition to the bottom, backed by an apparent company-wide disdain for their customers.

The latest evidence of this disdain is new firmware for some of their cycling computers that renders them utterly incompatible with Garmin's own desktop software, and, for good measure, almost all other track-processing software in existence. Of course, this “feature” is not even hinted at in the release notes. In my case, they got me via a firmware update for the Garmin Edge 820 that I cycle with.

The problem is manifest in the “FIT” file that the unit produces after an activity, containing info about the activity (the route you took, the status of the sensors such as your heart rate along the course, etc.). Since the “FIT” file format was created by Garmin more than half a decade ago, it's been at “Version 1”, but this new firmware update bumped the FIT file format to “Version 2”. And that's the problem, because Garmin's own software can't handle Version 2 FIT files. If your workflow with Garmin's product relied on Garmin's products, you are screwed.

(If you relied on other, non-Garmin software, you're almost certainly screwed there as well, because almost nothing handles FIT Version 2. The only saving grace here is that Strava can handle a Version 2 FIT file, so a riot has been averted.)


Panasonic LX100 at an effective 24mm — 1/250 sec, f/5.6, ISO 200 — map & image datanearby photos
Garmin
( taken during this ride )

My after-ride processing requires a GPX file, which I used to convert to via the most-excellent GPS Babel, but like most other software, GPS Babel doesn't work with the new FIT files. So, I came up with a cheap substitute “fit2gpx” script that invokes the ANT+ consortium's “FIT to CVS” java utility under the hood. That utility does handle both Versions 1 and 2 FIT files, and perhaps will be kept up-to-date going forward, so even if Garmin decides to screw everyone again with a surprise-and-unsupported move to “Version 3”, perhaps we'll be covered.

Here's the script at GitHub:

“FIT to GPX” at GitHub

It's my first project to try GitHub with.


Panasonic LX100 at an effective 24mm — 1/125 sec, f/1.8, ISO 200 — map & image datanearby photos
Calm Thoughts
( from this ride )

As I mentioned, the script is cheap and kludgy; it does exactly what I need, but not much more. The GPX file it produces is not even standards compliant, because it uses simple Strava extensions not published as a DTD. This is why I'm trying GitHub, to allow others to make these changes if they like.


Panasonic LX100 at an effective 28mm — 1/125 sec, f/2.1, ISO 2500 — map & image datanearby photos
Life With Garmin
down a black hole
( from this ride )
15 May 17:30

Signing Away the Right to Get a New Job

15 May 17:30

Uber Has a Union of Sorts, but Faces Doubts on Its Autonomy

15 May 17:30

Some kind of super chevy retro yellow truck, the yellow was the best part! - 051020096182 added as a favorite.

by farfallorosso
farfallorosso added this as a favorite.

Some kind of super chevy retro yellow truck, the yellow was the best part! - 051020096182

15 May 17:30

Product or Project?

by Matt Richardson

This column is from The MagPi issue 57. You can download a PDF of the full issue for free, or subscribe to receive the print edition in your mailbox or the digital edition on your tablet. All proceeds from the print and digital editions help the Raspberry Pi Foundation achieve its charitable goals.

Image of MagPi magazine and AIY Project Kit

Taking inspiration from a widely known inspirational phrase, I like to tell people, “make the thing you wish to see in the world.” In other words, you don’t have to wait for a company to create the exact product you want. You can be a maker as well as a consumer! Prototyping with hardware has become easier and more affordable, empowering people to make products that suit their needs perfectly. And the people making these things aren’t necessarily electrical engineers, computer scientists, or product designers. They’re not even necessarily adults. They’re often self-taught hobbyists who are empowered by maker-friendly technology.

It’s a subject I’ve been very interested in, and I have written about it before. Here’s what I’ve noticed: the flow between maker project and consumer product moves in both directions. In other words, consumer products can start off as maker projects. Just take a look at the story behind many of the crowdfunded products on sites such as Kickstarter. Conversely, consumer products can evolve into maker products as well. The cover story for the latest issue of The MagPi is a perfect example of that. Google has given you the resources you need to build your own dedicated Google Assistant device. How cool is that?

David Pride on Twitter

@Raspberry_Pi @TheMagP1 Oh this is going to be a ridiculous amount of fun. 😊 #AIYProjects #woodchuck https://t.co/2sWYmpi6T1

But consumer products becoming hackable hardware isn’t always an intentional move by the product’s maker. In the 2000s, TiVo set-top DVRs were a hot product and their most enthusiastic fans figured out how to hack the product to customise it to meet their needs without any kind of support from TiVo.

Embracing change

But since then, things have changed. For example, when Microsoft’s Kinect for the Xbox 360 was released in 2010, makers were immediately enticed by its capabilities. It not only acted as a camera, but it could also sense depth, a feature that would be useful for identifying the position of objects in a space. At first, there was no hacker support from Microsoft, so Adafruit Industries announced a $3,000 bounty to create open-source drivers so that anyone could access the features of Kinect for their own projects. Since then, Microsoft has embraced the use of Kinect for these purposes.

The Create 2 from iRobot

iRobot’s Create 2, a hackable version of the Roomba

Consumer product companies even make versions of their products that are specifically meant for hacking, making, and learning. Belkin’s WeMo home automation product line includes the WeMo Maker, a device that can act as a remote relay or sensor and hook into your home automation system. And iRobot offers Create 2, a hackable version of its Roomba floor-cleaning robot. While iRobot aimed the robot at STEM educators, you could use it for personal projects too. Electronic instrument maker Korg takes its maker-friendly approach to the next level by releasing the schematics for some of its analogue synthesiser products.

Why would a company want to do this? There are a few possible reasons. For one, it’s a way of encouraging consumers to create a community around a product. It could be a way for innovation with the product to continue, unchecked by the firm’s own limits on resources. For certain, it’s an awesome feel-good way for a company to empower their own users. Whatever the reason these products exist, it’s the digital maker who comes out ahead. They have more affordable tools, materials, and resources to create their own customised products and possibly learn a thing or two along the way.

With maker-friendly, hackable products, being a creator and a consumer aren’t mutually exclusive. In fact, you’re probably getting the best of both worlds: great products and great opportunities to make the thing you wish to see in the world.

The post Product or Project? appeared first on Raspberry Pi.

15 May 17:29

How Etsy Ships Apps

by Sasha Friedenberg

In which Etsy transforms its app release process by aligning it with its philosophy for web deploys

illustration of a boat on a wave. There are several people in the boat, and the boat has a flag with an "E" on it.

Anchors Aweigh

Deploying code should be easy. It should happen often, and it should involve its engineers. For Etsyweb, this looks like continuous deployment.

A group of engineers (which we call a push train) and a designated driver all shepherd their changes to a staging environment, and then to production. At each checkpoint along that journey, the members of the push train are responsible for testing their changes, sharing that they’re ready to ship, and making sure nothing broke. Everyone in that train must work together for the safe completion of their deployment. And this happens very frequently: up to 50 times a day.

                                               TOPIC: clear
 mittens> .join                                TOPIC: mittens
   sasha> .join with mittens                   TOPIC: mittens + sasha
 pushbot> mittens, sasha: You're up            TOPIC: mittens + sasha
   sasha> .good                                TOPIC: mittens + sasha*
 mittens> .good                                TOPIC: mittens* + sasha*
 pushbot> mittens, sasha: Everyone is ready    TOPIC: mittens* + sasha*
  nassim> .join                                TOPIC: mittens* + sasha* | nassim
 mittens> .at preprod                          TOPIC: <preprod> mittens + sasha | nassim
 mittens> .good                                TOPIC: <preprod> mittens* + sasha | nassim
   sasha> .good                                TOPIC: <preprod> mittens* + sasha* | nassim
 pushbot> mittens, sasha: Everyone is ready    TOPIC: <preprod> mittens* + sasha* | nassim
 mittens> .at prod                             TOPIC: <prod> mittens + sasha | nassim
 mittens> .good                                TOPIC: <prod> mittens* + sasha | nassim
     asm> .join                                TOPIC: <prod> mittens* + sasha | nassim + asm
   sasha> .good                                TOPIC: <prod> mittens* + sasha* | nassim + asm
     asm> .nm                                  TOPIC: <prod> mittens* + sasha* | nassim
 pushbot> mittens, sasha: Everyone is ready    TOPIC: <prod> mittens* + sasha* | nassim
 mittens> .done                                TOPIC: nassim
 pushbot> nassim: You're up                    TOPIC: nassim
    lily> .join                                TOPIC: nassim | lily

This strategy has been successful for a lot of reasons, but especially because each deploy is handled by the people most familiar with the changes that are shipping. Those that wrote the code are in the best position to recognize it breaking, and then fix it. Because of that, developers should be empowered to deploy code as needed, and remain close to its rollout.

App releases are a different beast. They don’t easily adapt to that philosophy of deploying code. For one, they have versions and need to be compiled. And since they’re distributed via app stores, those versions can take time to reach end users. Traditionally, these traits have led to strategies involving release branches and release managers. Our app releases started out this way, but we learned quickly that they didn’t feel very Etsy. And so we set out to change them.

Jen and Sasha

photo of Sasha Friedenberg and Jen MacchiarelliWe were the release managers. Jen managed the Sell on Etsy apps, and I managed the Etsy apps. We were responsible for all release stage transitions, maintaining the schedule, and managing all the communications around releases. We were also responsible for resolving conflicts and coordinating cross-team resources in cases of bugs and urgent blockers to release.

Ready to Ship

A key part of our job was making sure everyone knew what they’re supposed to do and when they’re supposed to do it. The biggest such checkpoint is when a release branches — this is when we create a dedicated branch for the release off master, and master becomes the next release. This is scheduled and determines what changes make it into production for a given release. It’s very important to make sure that those changes are expected, and that they have been tested.

For Jen and me, it would’ve been impossible to keep track of the many changes in a release ourselves, and so it was our job to coordinate with the engineers that made the actual changes and make sure those changes were expected and tested. In practice, this meant sending emails or messaging folks when approaching certain checkpoints like branching. And likewise, if there were any storm warnings (such as show-stopping bugs), it was our responsibility to raise the flag to notify others.

list of words indicating various responsibilities for release managersThen Jen left Etsy for another opportunity, and I became a single-point-of-failure and a gatekeeper. Every release decision was funneled through me, and I was the only person able to make and execute those decisions.

I was overwhelmed. Frustrated. I was worried I’d be stuck navigating iTunes Connect and Google Play, and sending emails. And frankly, I didn’t want to be doing those things. I wanted those things to be automated. Give me a button to upload to iTunes Connect, and another to begin staged rollout on Google Play. Thinking about the ease of deploying on web just filled me with envy.

This time wasn’t easy for engineers either. Even back when we had two release managers, from an engineer’s perspective, this period of app releases wasn’t transparent. It was difficult to know what phase of release we were in. A large number of emails was sent, but few of them were targeted to those that actually needed them. We would generically send emails to one big list that included all four of our apps. And all kinds of emails would get sent there. Things that were FYI-only, and also things that required urgent attention. We were on the path to alert-fatigue.

All of this meant that engineers felt more like they were in the cargo hold, rather than in the cockpit. But that just didn’t fit with how we do things for web. It didn’t fit with our philosophy for deployment. We didn’t like it. We wanted something better, something that placed engineers in front of the tiller.

Ship

screenshot showing Etsy's Ship's main page

So we built a vessel that coordinates the status, schedule, communications, and deploy tools for app releases. Here’s how Ship helps:

  • Keeps track of who committed changes to a release
  • Sends Slack messages and emails to the right people about the relevant events
  • Manages the state and schedule of all releases

It’s hard to imagine all of that abstractly, so here’s an example:

Captain’s Log

Monday

  • A cron moves the release into “Testing” and generates testing build v4.64.0.52.
  • Ship is notified of this and sends an email to Alicia with the build.
  • Alicia installs the build, verifies her changes, and tells Ship she’s ready.

Tuesday

Wednesday

  • The final testing finds no show-stopping issues
  • A cron submits v4.64.0 to iTunes Connect for review.

Friday

  • A cron checks iTunes Connect for the review status of this release, and updates Ship that it’s been approved.
  • Ship emails Alicia and others letting them know the release is approved.

Tuesday

  • A cron releases v4.64.0.
    (Had Alicia committed to our Android app, a cron would instead begin staged rollout on Google Play.)
  • Ship emails Alicia and others letting them know the release is out in production.

Wednesday

  • Ship emails a report of top crashes to all the engineers in the release (including Alicia)

Before Ship, all of these components above would’ve been performed manually. But you’ll notice that release managers are missing from the above script; have we replaced release managers with all the automations in Ship?

photo of Etsy listing featuring a flag used by nautical ships to communicate: the flag says "I require a pilot"

Release Drivers

Partially. Ship has a feature where each release is assigned a driver.

screenshot showing Etsy's Ship's driver section. The driver in this case is Hannah Mittelstaedt

This driver is responsible for a bunch of things that we couldn’t or shouldn’t automate. Here’s what they’re responsible for:

  • Schedule changes
  • Shepherding ‘ready to ships’ from other engineers
  • Investigating showstopping bugs before release

Everything else? That’s automated. Branching, release candidate generation, submission to iTunes Connect — even staged rollout on Google Play! But, we’ve learned from automation going awry before. By default, some things are set to manual. There are others for which Ship explicitly does not allow automation, such as continuing staged rollout on Google Play. Things like this should involve and require human interaction. For everything else that is automated, we added a failsafe: at any time, a driver can disable all the crons and take over driving from autopilot:

screenshot of Etsy's Ship showing the various automation options that can be set on a per-releases basis.

When a driver wants to do something manually, they don’t need access to iTunes Connect or Google Play, as each of these things is made accessible as a button. A really nice side effect of this is that we don’t have to worry about provisioning folks for either app store, and we have a clear log of every release-related action taken by drivers.

Drivers are assigned once a release moves onto master, and are semi-randomly selected based on previous drivers and engineers that have committed to previous releases. Once assigned, we send them an onboarding email letting them know what their responsibilities are:

screenshot of Etsy's Ship's driver onboarding email

Ready to Ship Again

The driver can remain mostly dormant until the day of branching. A couple hours before we branch, it’s the driver’s responsibility to make sure that all the impacting engineers are ready to ship, and to orchestrate efforts when they’re not. After we’re ready, the driver’s responsibility is to remain available as a point-of-contact while final testing takes place. If an issue comes up, the driver may be consulted for steps to resolve.

And then, assuming all goes well, comes release day. The driver can opt to manually release, or let the cron do this for them — they’ll get notified if something goes wrong, either way. Then a day after we release, the driver looks at all of our dashboards, logs, and graphs to confirm the health of the release.

Bugfixes

But not all releases are planned. Things fail, and that’s expected. It’s naïve to assume some serious bug won’t ship with an app release. There’s plenty of things that can and will be the subject of a post-mortem. When one of those things happens, any engineer can spawn a bugfix release off the most-recently-released mainline release.

diagram showing how a bugfix branch comes off of an existing release branch and not master

The engineer that requests this bugfix gets assigned as the driver for that release. Once they branch the release, they make the necessary bugfixes (others can join in to add bugfixes too, if they coordinate with the driver) in the release’s branch, build a release candidate, test it, and get it ready for production. The driver can then release it at will.

State Machine

Releases are actually quite complicated.

diagram indicating the state machine that powers Etsy's Ship

It starts off as an abstract thing that will occur in the future. Then becomes a concrete thing actively collecting changes via commits on master in git. After this period of collecting commits, the release is considered complete and moves into its own dedicated branch. The release candidate is then built from this dedicated branch, which then gets thoroughly tested, and moved into production. The release itself then concludes as an unmerged branch.

Once a release branches, the next future release moves onto master. Each release is its own state machine, where the development and branching states overlap between successive releases.

Notifications: Slack and Email

screenshot showing a notification sent via Slack

Plugged into the output of Ship are notifications. Because there are so many points of interest en route to production, it’s really important that the right people are notified at the right times. So we use the state machine of Ship to send out notifications to engineers (and other subscribers) based on how much they asked to know, and how they impacted the release. We also allow anyone to sign up for notifications around a release. This is used by product managers, designers, support teams, engineering managers, and more. Our communications are very targeted to those that need or want them.

In terms of what they asked to know, we made it very simple to get detailed emails about state changes to a release:

screenshot of Etsy's Ship showing the subscription options for engineers and non-engineers on a per-release basis

In terms of how they impacted the release, we need to get that data from somewhere else.

Git

We mentioned data Ship receives from outside sources. At Etsy, we use GitHub for our source control. Our apps have repos per-platform (Android and iOS). In order to keep Ship’s knowledge of releases up-to-date, we set up GitHub Webhooks to notify Ship whenever changes are pushed to the repo. We listen for two changes in particular: pushes to master, and pushes to any release branch.

When Ship gets notified, it iterates through the commits and uses the author, changed paths, and commit message to determine which app (buyer or seller) the commit affects, and which release we should attribute this change to. Ship then takes all of that and combines it into a state that represents every engineer’s impact on a given release. Is that engineer “user-impacting” or “dark” (our term for changes that aren’t live)? Ship then uses this state to determine who is a member of what release, and who should get notified about what events.

Additionally, at any point during a release, an engineer can change their status. They may want to do this if they want to receive more information about a release, or if Ship misunderstood one of their commits as being impacting to the release.

Deployinator

Everything up until has explained how Ship keeps track of things. But there’s been no explanation for how some of the automated actions affecting the app repo or things outside Etsy occur.

We have a home-grown tool for managing deploys called Deployinator, and we added app support. It can now perform mutating interactions with the app repos, as well as all the deploy actions related to Google Play and iTunes Connect. This is where we build the testing candidates, release candidate, branch the release, submit to iTunes Connect, and much more.

We opted to use Deployinator for a number of reasons:

  • Etsy engineers are already familiar with it
  • It’s our go-to environment for wrapping up a build process into a button
  • Good for things that need individual run logs, and clear failures

In our custom stack, we have crons. This is how we branch on Tuesday evening (assuming everyone is ready). This is where we interface with Google Play and iTunes Connect. We make use of Google Play’s official API in a custom python module we wrote, and for iTunes Connect we use Spaceship to interface with the unofficial API.

Seaworthy

The end result of Ship is that we’ve distributed release management. Etsy no longer has any dedicated release managers. But it does have an engineer who used to be one — and I even get to drive a release every now and then.

People cannot be fully automated away. That applies to our web deploys, and is equally true for app releases. Our new process works within that reality. It’s unique because it pushes the limit of what we thought could be automated. Yet, at the same time, it empowers our app engineers more than ever before. Engineers control when a release goes to prod. Engineers decide if we’re ready to branch. Engineers hit the buttons.

And that’s what Ship is really about. It empowers our engineers to deliver the best apps for our users. Ship puts engineers at the helm.

15 May 17:29

Unreleased BlackBerry ‘Ontario’ is a trip down memory lane

by Igor Bonifacic
BlackBerry 10

What if?

It’s a question that BlackBerry fans have repeatedly asked themselves many times these past years. What if the company had done things differently? What if it had adopted Android earlier?

We’ll never know the answer to those questions, but it’s still fun to ask them, especially when a new unreleased device escapes the company’s vaults. CrackBerry has published images of ‘Ontario,’ a high-end all-touch BB10 device that started to make the rumour mill rounds in 2014.

BlackBerry Ontario

At the time, Ontario was rumoured to feature a Snapdragon 800 processor, 2GB of RAM. Designed to succeed the Z30, it was also slated to be one of the first devices to ship with BB 10.3, which was unreleased at the time.

Mentions of Ontario started to percolate at the same that we started hearing about Windemere. In the end, Windemere became the Passport, as well as the first device to ship with BlackBerry 10.3.

It was at this stage that BlackBerry started to experiment with Android, as evidenced by the existence of a Passport Silver Edition preloaded with Android.

What do you think of Ontario? Had it come out, would you have bought the device at the time?

Source: CrackBerry

The post Unreleased BlackBerry ‘Ontario’ is a trip down memory lane appeared first on MobileSyrup.

15 May 17:29

“It’s Not About You, It’s about Us” Lessons for Vancouver Art Gallery?

by Sandy James Planner

There is a fundamental change in philosophy in public facilities such as art galleries and museums being globally embraced. In the last decade architects attempted to make buildings less about public function and more about their own personal stamp and message. That is evident in Gehry’s Museum of Pop Culture in Seattle which has been called “the unusual-looking building made of curves instead of corners and infamously described by a New York Times architecture critic as “something that crawled out of the sea, rolled over and died”.

experience-music-project

Frank Gehry-Museum of Pop Culture

This also happened in Toronto.  The Globe and Mail article written by Alex Bozicovic details the not so subtle attempt of Toronto’s Royal Ontario Museum (ROM) to “fix” the starchitect Daniel Liebskind “Crystal” addition which opened in 2007.  As stated by the museum’s CEO, “After you’ve lived somewhere for a while you begin to think about how it can suit you better.” And you worry less about the flashy bits and more about the bones.”

rom-2280x1564

Daniel Liebskind-Royal Ontario Museum-The Crystal

Here is what Daniel Liebskind said about his original proposal:  “Why should one expect the new addition to the ROM to be ‘business as usual’? Architecture in our time is no longer an introvert’s business. On the contrary, the creation of communicative, stunning and unexpected architecture signals a bold re-awakening of the civic life of the museum and the city.”  Yes it was certainly the talk of the town but in a more disruptive way. While the building had the “wow” factor in terms of being visually different, it did not roll out the welcome mat-it had heavy Costco-like doors, was crowded, uncomfortable, and didn’t attract the high numbers of forecasted visitors. The museum wanted to make the museum as welcoming as possible, so they are reopening the entrance to a 1930’s wing, and reconfiguring that rotunda to become a lobby. Everything old about attracting and creating the public is new again.

This rediscovery of the importance of the visitor experience “reflects a new focus for architecture in institutions such as this: not in making showpieces, but on the nuts and bolts of making places that work.” The point, says the CEO of the Royal Ontario Museum, is that “the whole thing says, come on in”.

Meanwhile, the Audain Art Museum in Whistler designed by  British Columbia based Patkau architects is getting rave reviews-and a generous multi-million dollar portfolio of 197 works of art have been gifted by Vancouver philanthropist Bob Rennie to the National Art Gallery. Both these fine collections could have had a local home had the conditions been different.

The  Vancouver Art Gallery might want to  explore the customer friendly concept, making the consumer experience about the gallery just as important as their starchitect’s vision. While its great that their program requirements make it perfect for art exhibitions, it also should be a warm welcoming building that is easily supported and visited by citizens, with public plazas, places to meet and to rest. Somehow the current design and strategy does not say “Come on in”.


15 May 17:29

Bike To Work Week — 2017 Spring Edition

by Ken Ohrn

social_media_image_2_4May 29 to June 4, 2017.

For friendly competition, nifty prizes and a chance to do something completely different, why not sign up for Bike to Work Week??

From a standing start in 2007, BtWW has become big, and a part of life in Vancouver. The 2016 spring event alone attracted 11,602 registered riders, with 1,963 riding to work for the first time.

This year, over $ 20,000 in prizes include a bike a day, and the grand prize is an 8-day cycling adventure for 2 along the Dalmatian Coast of Croatia. (By Exodus Travels).

Another goodie: A pass for Mobi.  Try two things at once.

BtWW.25.May.2015.a.m.03

BtWW May 25, 2015;  8:56 am.

It’s free to register, free to form teams, free to log your trips, and free to hang around the celebration stations for bikey talk, munchies, drinks, bike mechanic services, and extra giveaways.


15 May 17:29

The Apophenic Machine

by Molly Sauter

Think of a network graph. A simple one with just a few nodes and connecting lines spidering out. It makes intuitive sense. Even if it’s one of those brightly colored clustered network graphs with thousands of points and connections, you can still grasp what it’s trying to tell you.

Now imagine one of those conspiracy walls that turn up in TV shows or movies to depict a character’s obsessiveness: a hodge-podge of pictures, maps, clippings, and scrawled notes, stuck up with push pins and (usually) connected with red thread. These “crazy walls,” as Esquire dubbed them in 2015, are different from, say, the cops’ big board on The Wire, partly because of their flagrant chaos but also because of their amateurish exuberance. Where the big board conveys planning, restraint, and verification protocols — the idea that police are not jumping to conclusions — the “crazy wall” is all about the joy of the jump. It’s practically kinetic, a pas de deux where pattern-spotting has pulled some sad-sack loner into the rhythms of connection-making obsession. He tries to bind down reality with that red string, tying it to the wall to try to force some sense out of it, but his perspective is always too limited, too circumscribed by isolation. It’s an impressive imaginative trick, as if someone tried to draw blueprints of the house they’re living in without leaving the cupboard under the stairs. They might be interesting to look at, but almost certainly would tell you more about the artist and their hiding place than the structure of the house.

When we impose patterns or relationships on otherwise unrelated things, we call it apophenia. When we create these connections online, we call it the internet

When one of these walls appears in a show, the reveal is usually drawn out. A series of close-ups, teasing all the hyperconnectivity, and then the camera pulls back so you can get it all at once: the spider web of thread, with the specific data points fading out of focus. In that climactic, holistic moment, before the fractal elegance of the star-burst-spider-web-spiral goes to pieces in the incohesiveness of its conscripted data scraps, it’s quite beautiful. It really looks like a network graph.


A medium’s materiality affects the way we can think with it. Before there were books, the slow, sequential access afforded by scrolls insisted on long, linear narrative time., and a common pattern of engagement between authors and audiences. The rise of bound books permitted access to information in any sequence, folding time into space with the aid of indexes, numbered pages, and tables of contents. The printing press further separated the conditions under which texts were created and consumed, allowing for far wider distribution and a broader conception of reader and audience.

Now we have hyperconnectivity, networks on networks on networks. We are interpolated in continent-sprawling power grids and world-spanning logistical systems that connect sweatshops to the corner bodega and the Amazon package in the hall. And that is before we even get to the web, the social media on your phone, the endless data storage in sprawling server farms, and the interwoven state and corporate surveillance conglomerations peeking out at you from between pixels.

The modern condition is networked, and thus modern thought is networked too — or it at least tries to be. But not in the open, expansive way that techno-utopianists hoped. John Perry Barlow, in his 1996 “Declaration of the Independence of Cyberspace,” perhaps the guiding document of techno-utopianism, called the nascent popular internet the “civilization of the Mind in Cyberspace,” a world of “identities” but not “bodies,” a place to be governed only by “the Golden Rule,” “ethics, enlightened self-interest, and the commonweal.” In the new networked age, all of humanity’s thought and feeling would blend together in a “seamless whole,” “from the debasing to the angelic,” and be “reproduced and distributed infinitely at no cost.” Yet we did not leave our bodies behind in the 1990s. Our basic unit of action is not a seamless joining together, as Barlow optimistically described, and we certainly have not fused into a new and greater whole. We are not in the network; we are on it.

Instead, the basic unit of action is the link. It is the leap — between pages, between ideas, between people and personas. This leaping ability across and between sites has been core to the web’s functionality and its pleasures. Legal and technical battles over “deep linking” have time and again confirmed the centrality of user-defined links, at the expense of website owners’ control over the manner in which their content is accessed. The “Wikipedia race,” a game that became popular after Wikipedia launched in 2001, epitomizes this preference for self-determined web surfing: players picked two arbitrary Wikipedia pages, a starting place and a finish line, and then jumped from link to link to link, seeing who could connect the two in the fewest ecstatic hops.

To navigate the web is to beat a path through a labyrinth of links left by others, and to thereby create associative links yourself, unspooling them like a guiding thread onto a floor already carpeted with such connections. Each thread of connection is unique, individualized: everyone draws their own map of the network as they navigate it.

Humans are storytellers, pattern-spotters, metaphor-makers. When these instincts run away with us, when we impose patterns or relationships on otherwise unrelated things, we call it apophenia. When we create these connections online, we call it the internet, the web circling back to itself again and again. The internet is an apophenic machine.

Though conspiracy theories are, in essence, a social side-effect of human pattern-spotting behavior, the internet’s structure has encouraged a similar obsessiveness. As Kathleen Stewart notes in “Conspiracy’s Theory Worlds,” “the internet was made for conspiracy theory: it is a conspiracy theory: one thing leads to another, always another link leading you deeper into no thing and no place, floating through self-dividing and transmogrifying sites until you are awash in the sheer evidence that the internet exists.”

Like Job, conspiracy theorists struggle against a system that ultimately tells them there is no explanation that’s within their capacity to understand

Conspiracy theories are a reactive interpretive mode that, according to Stewart, allows theorists to maintain a sense of personal agency while disclaiming responsibility. In positing that it all really can be traced back to the Masons or gray-skinned aliens, the conspiratorial mode asserts that individuals — including the conspiracy theorists themselves — could have traceable, observable power and influence over world events and systems that otherwise seem diffuse, uninterpretable and unguidable. “Conspiracy theorists are, I submit, some of the last believers in an ordered universe,” Brian L. Keeley writes in his essay “Of Conspiracy Theories. “By supposing that current events are under the control of nefarious agents, conspiracy theorists entail that such events are capable of being controlled.”

Though reactive, then, the conspiratorial mode is not in and of itself irrational. Consider what it now reacts to: in Stewart’s words, “the networked world of systems and power, the constant shock waves that never quite wake us from the dream world of late capitalism but replicate states of anesthesia and obsession.” As a way to comprehend one’s place within complex global networked capitalism — where actors like Maersk, Walmart, or ExxonMobil organize world-spanning feats of logistics, extraction, and finance-backed violence, or where the Catholic Church priest abuse scandal was front-page news across the globe for years — world-building in the conspiratorial, paranoid mode seems not unreasonable. It finds intentionality and a purposeful human hand where other epistemologies might see, as Keeley puts it, only the “absurdism of an irrational and essentially meaningless world.”

Like Job, conspiracy theorists are full of faith that there must be a graspable explanation for the world around them. And, like Job, they struggle against a system that ultimately tells them there is no explanation that’s within their capacity to understand.

When faced with a global catastrophe that is simultaneously the responsibility of no one and everyone, there is a human preference to replace that chaos with narrative. Climate change, like global capitalism, is too immense for specific, recognizable heroes and villains, but that doesn’t mean people won’t try to construct a narrative with the tools nearest to hand. The ClimateGate conspiracy, which unspooled initially in late 2009, posited that a small group of scientists tried to bury findings that disputed the theory of human-caused climate change. It was promoted by the Lavoisier Group, which represents itself as a “dads army” of concerned citizens, but is actually composed of retired mining engineers and others with connections to the Austrailian extraction industry. To promulgate its concerns, the group produced a nearly 200-page document analyzing a cache of scientists’ emails, exfiltrated from the Climatic Research Unit at the University of East Anglia. The document’s slick cover depicted the UN’s Intergovernmental Governmental Panel on Climate Change as the Titanic, heading for an polar-bear-topped iceberg emblazoned with the word TRUTH. Inside, the conspiracist curators insert themselves in the material they’ve acquired, assuming the character of calm, collected protagonists amid the havoc, the only ones who really get it, peppering the scientists’ emails with asides like “You’ve got to be kidding!”; “I thought these fellows didn’t believe in blogs!”

The Lavoisier document would appear to be a cynical attempt to unsettle political debates about global warming, but the kind of power it ascribes to a handful of climate scientists also indicates a basic, desperate desire to believe that anyone at all is in charge — that a central, coordinated agenda really does exist as an alternative to the apocalyptic chaos driving carbon extraction.

If financialized capital excels at dispersing agency, blending villainy with bureaucracy and good intentions, networks (like conspiracy theories) excel at creating the illusion of the world as graspable, strung together with links even as the socially contingent markers of importance, trust, and validity are increasingly on the fritz. The Lavoisier Group’s ClimateGate document, a conspiratorial rainbow wrapped in just-folks authenticity, shows how a supporting web of cross-references can be sewn from opportunistically acquired network detritus.


There is no bycatch in the conspiratorial mode — it refuses to countenance the existence of the inadvertent, the casual, or the incidental. Everything encountered in the course of hunting for the conspiracy is important, even banal everyday minutiae. Email databases, which are loaded with such minutiae (and a wealth of metadata), thus present the conspiracy theorist with rich material. In the conspiratorial mode, sheer availability is the primary criterion for significance.

The default data hoarding inherent to much of the current internet makes it ripe for conspiracy building. All that’s needed is a flood of attention on a body of information to trigger conspiratorial linkages to life. And as the public has become trained in enjoying conspiratorial thinking as a mode of entertainment — not merely watching others solve mysteries but actively participating in deepening and unfolding them — a reservoir of attention lies waiting to be tapped.

Trends in popular culture reflect audiences’ growing comfort with conspiratorial thinking. TV shows like Lost, True Detective, Orphan Black, Westworld, and The OA are constructed like conspiracies themselves, with with webs of interconnection, opaque symbolism, and internal and external reference that reward intense engagement. This is often bolstered by other materials on the web — official websites for in-universe corporations or characters, (sometimes further seeded with easter eggs) and active online fan communities. Alternate-reality games, like I LOVE BEES, Why So Serious, or Frog Fractions, have also grown in popularity. These blend digital and analog elements and require active engagement and cooperation among a large diverse player base. These types of hermeneutic media become cultural primers in how we can find conspiracies wherever we look, how these conspiracies can constitute a community of solvers, and how the web is ideally structured to build and disseminate conspiratorial storytelling experiences.

That is, they encourage the “paranoid-critical mode,” a Surrealist method developed by Salvador Dalí. In Delirious New York, Rem Koolhaas described it as the “synthetic reproduction of the paranoiac’s way of seeing the world in a new light — with its rich harvest of unexpected correspondences, analogies, and patterns.” It involves the “fabrication of objectifying ‘souvenirs’ of the paranoid tourism, of concrete evidence that brings the ‘discoveries’ of those excursions back to the rest of mankind.” The paranoid-critical mode pushes linkages and connectivity while also centering a romantic individualist mythos of the ordinary person who uncovers a world-bending conspiracy or, better yet, discovers that they are (and have always been) at the center of it all. This may be grandiose, but it stands in satisfying contrast with the dry nihilism of a conspiracy-less world.

#Pizzagate is a manifestation of this kind of “paranoid tourism.” It suggests what happens when the act of linking and the conspiratorial mode of thinking become mainstream interpretive tools to force sense out of a world that seems otherwise uninterested in making any.

Sometime in the spring of 2016, the personal email of John Podesta, the chairman of Hillary Clinton’s presidential campaign, was hacked, and the contents passed to Wikileaks. Wikileaks then released the contents in a series of dramatic, social-media-spun drops over the course of several weeks leading up to the U.S. presidential election. As each new cache dropped, people converged to comb through the emails, comparing notes and hunches on several different subreddits and chan message boards. On Reply All, the moderator of the Reddit board the_donald, one of the central hives of this analytic engagement, explained, “When Wikileaks was coming out, the_donald kind of spearheaded that effort where we crowdsourced the investigation. We said, ‘OK, listen, they’re dumping thousands of pages a day, no single person can go through this,’ so we essentially would post the Wikileaks article on the top and say, ‘OK, go through this, and everyone post what you find.’”

Michael Fortun, in his examination of conspiracy theorists and quantum physics, notes that “paranoiacs do not look, they find.” As they search for the narrative-based, human-readable networks undergirding their reality, conspiracy theorists, like quantum physicists, “do not simply weigh and measure it, but they create it with their instruments.”

A sense of ubiquitous relevance has been reinforced by the broader acceleration of filter bubbles, which are becoming a kind of bespoke reality. Events can be presumed relevant because they were encountered at all

Drawing from strategies of apophenia, pareidolia, and hermeneutic symbolist analysis, #Pizzagate tells a familiar conspiratorial narrative about the immoral and corrupt nature of power. It echoes ancient preoccupations with the sexual deviances of the powerful, something that can also be seen in the anti-Catholic and anti-Masonic conspiracy theories that, as Richard Hofstadter has pointed out, flourished in early days of America. It also adds the modern obsessions with sex trafficking, child pornography, and Satanism, invoking the day-care Satanic abuse panics of the 1980s and 1990s.

Throwing out their net for evidence, #Pizzagaters assigned deep significance to T-shirt slogans and references to the Comet Ping Pong pizza shop holding “all ages shows.” They took pictures of signs of neighboring businesses and compared them with a leaked FBI document of pedophilic icons and images, claiming to find multiple echoes and references. Everything was held to be significant.

That sense of ubiquitous relevance has been reinforced by the broader acceleration of filter bubbles, which are becoming a kind of bespoke reality, delivered through a handful of networked screens. These screens are both displays you see the world through and sorting sieves, filtering it according to your networked identity (who you were, who you are, who the network will shape you to be as it presents you with new material). So events or data points can be presumed relevant because they were encountered at all, as they are derived from your personal string of encounters and linkages. When our personal bubbles are cross-referenced with algorithmic assessments of our cohort — when our bubbles are shaped not only by our behavior but by that of those whose data patterns resemble ours — incidental shared qualities among dispersed groups can become defining characteristics of shared world views, shared realities. The potential of a recommendation converting into a click, a like, a link, a viral moment, means it will be pushed into the path of hundreds or thousands of people, creating a shared link in their networked reality chain. In the conspiratorial mode, we know there is some reason we are being shown the reality we are seeing; we just need to make more connections to figure it out. We reverse-engineer our personal apophenic link-chain for the narrative we want to already be there.

The conspiratorial mode is defined by such an overabundance of meaning-making. Apophenic instincts run rampant, absorbing all data into the system of explanation. As Keeley notes, “Conspiracy theories always explain more than competing theories, because by invoking a conspiracy, they can explain both the data of the received account and the errant data that the received theory fails to explain.” That is, conspiracy theories take the apparent virtues of unified explanation and explanatory reach and pervert them. Absence of evidence becomes in itself evidence to be mined.

This ingrained attitude makes a conspiratorial approach well-suited to WikiLeaks-style data dumps or email caches like the one that spawned Climategate. Unlike mainstream news sources, which have to consider the chain of custody and the likelihood that the database had been tampered with, a conspiracist moves without restriction and might even see the mainstream reluctance as proof that there are devastating secrets in the material.

Because the conspiratorial mode in part aims to re-center people as the evil geniuses of global systems — and as potential heroic saviors — powerful people never do anything that’s strictly personal. Because they are meant to serve as avatars of agency, everything they do must have broader relevance, and is available ultimately to be mixed and matched in our filter-bubble realities. Everything they do must refer back to their conspiratorial roles, so their lives are understood as Machiavellian at all levels, always concerned with concealment and secret keeping. In denying these perceived power players their private lives, the conspiratorial mode also denies them human, emotional responses to the events around them.

As #Pizzagate went on, the circle of those implicated by the conspiracists widened, eventually including bands that had performed at the event space along with staff and patrons. As conspiracists targeted them, sending harassing messages on social media or email, some locked down their online presences or left the internet entirely. #Pizzagaters interpreted these reasonable reactions to harassment as further evidence of guilt, concealment, or something. The conspiratorial mode does not admit of privacy, only secrecy, because power has no private life. Power is precisely defined as the ability of these avatars of states, corporations, and cabals to keep secrets.

Both ClimateGate and #PizzaGate, like nearly all conspiracy theories, are attempts to wrestle the complexities of the modern world down to a level of simplicity that can be grasped by an individual. They are both manifestations of the same reactive attempt to reassert local or individual control over systemic forms of power that defy narrative. The conspiratorial mode and its co-morbid reactionary political stance are responses to a world that is too complex to be known but which cannot be ignored or avoided. It is a direct response to our feeling as though we have been left behind by our own world.

As the complexities of the hyper-networked world exponentially compound beyond the ability of anyone to fully grasp, it’s unsurprising that the broader political culture should tumble backward into familiar moral narratives, familiar villains, all bolstered by the mediated opportunity to link, link, link, link. As networks and capital burrow through the borders between states, perforating the demarcations between power structures and between people, tales of conspiracies pop up, pulling back against that diffusion like a contracting fist.

The type of systems complexity that is emerging — where financialized markets support automated production, shipping, delivery, and disposal; where entire landmasses are hollowed out or drowned to fulfill fiduciary duties to distant shareholders — doesn’t necessarily need human or democratic engagement to persist. Unfortunately, the paranoid reactionary response does nothing to confront these global, complex systems.

It’s increasingly possible that we will have two separate reality streams: the human politics stream, full of reactive paranoia intent on creating graspable narratives for human consumption; and the overarching networks of networks, the financialized global capital streams and automated algorithmic diktats that operate and adhere without being wholly grasped, without anyone understanding them in their entirety.

Conspiracies are not in themselves an irrational response to the current complex networked environment. One only has to look at the fracking industry, the pharmaceutical industry’s R&D policies, or the Catholic Church scandals to see that our world weeps conspiracies. They come out of the walls. And the networked environment materially encourages both the manifestation of conspiracies and that perception of them, link by link by link. But the conspiratorial tales people tell, the ones that aim to comfort through narrative reassurances of the centrality of humans in our own world, will always be more compelling than the reality of a complex world running away without us.

15 May 17:29

We Can’t Drive our way out of Congestion

by Sandy James Planner

Concept 26

As reported by City Lab‘s Laura Bliss, our utopian view of driverless “Uber” and “Lyft” vehicles might be very different as “zero occupancy vehicles” jockey to pick up drivers and do short errands. That’s why the philosophy has been to share driverless cars, different from Elon Musk who wants one of his cars in every citizen’s driveway.

There is a fear that the driverless technology will be so pervasively cheap and convenient that it will attract riders who normally would not be driving and result in an increase of vehicle kilometers travelled. “Even in a shared scenario, there could be a vehicle kilometers travelled  increase due to increased demand,” says Adam Cohen, a research associate at UC Berkeley’s Transportation Sustainability Research Center, who presented his research on planning for shared mobility this week at the American Planning Association’s annual conference in New York.”

Cities and policies can be tweaked now to be “proactive in planning for Autonomous vehicles rather than reactive in the future, advice that is becoming dogma among “smart city” practitioners and advocates“.  Cities such as Paris, Oslo and Stockholm are banning cars from urban cores, countering the carpool convenience that autonomous vehicles might represent. Priority travel lanes for high-occupancy autonomous vehicles  like buses and road pricing policies which charge by vehicle kilometer in traffic dense areas will be needed to reduce vehicle kilometers travelled.

As Bruce Schaller, a former senior official with the New York City Department of Transportation and an expert in emerging ride services noted “Public officials don’t know what policies are needed for technology that doesn’t yet exist. The private sector, from Uber to Detroit to Google, are rushing headlong toward an intensive competition to get out ahead”.

And a late breaking news item-Uber and Google’s Waymo have agreed to co-operate in getting their technology out. More here.

automated


15 May 17:29

Richmond, Let’s Make Farmland Important, Not a Land Grab for Mansion Builders

by Sandy James Planner

farmland21a

As reported in the Richmond News there’s been some surprising setbacks in the City of Richmond’s approach to stop the creation of massive monster houses eating up farmland in the Agricultural Land Reserve within the municipality. In a previous Price Tags we addressed the fact that the City of Richmond was thinking of  “restricting the size of houses built on the ALR (the Agricultural Land Reserve) in that municipality. A couple of things-if you purchase farm land you do not have to pay the 15 per cent foreign owner tax. And if you can crop blueberries or have a calf born on the property you can claim you are a farmer and have the land taxed as agricultural instead of as a large house executive estate.”

Price Tags also noted “A Globe and Mail investigation found wealthy investors bought farmland in Richmond without any intention of farming and took advantage of tax incentives to pay meagre property taxes while, in some cases, operating illegal hotels. The investigation found local and foreign buyers enjoy large tax breaks meant to encourage farming.”

Well things have not gone too well for the Agricultural Land Reserve and some of the most arable lands in Canada within the jurisdiction of the municipality of Richmond. While city staff wanted housing on the ALR to be limited to  5,382 square foot houses, Council has caved into pressure to double that to 10,674 square feet.  That is a very, very very big house.

On Monday May 15 there is a public hearing in Richmond to discuss floor space restrictions. Of course farmland owners are also upset as their properties are worth more with the potential to be big mansion holders. While there was a moratorium put in place until this matter was resolved,  sadly the majority of council has caved into a compromise to double the staff recommended size limit to 10,764 square feet if the land is at least one half an acre in size. Less land-you are at 5,382 square feet.

It’s one for the buyers and builders of this massive housing form, and zero for the entrusted status of  arable farmland. And of course there is that weird counter argument that  “farmers and landowners continued their message that they “shouldn’t be punished” because of rogue developers seeking to build mega mansions on farmland.” It’s all part of the gravy.

Councillor Harold Steves, who was one of the original backers of the Agricultural Land Reserve sensibly called for farmhouses to increase vertically, not horizontally noting that increasing farmland prices for mansions prices land out of reach for farmers. What increasing mansion size on farm land is doing is “jumping the gun above the (neighbouring cities) and this will put pressure on them to increase their sizes” of land in the Agricultural Land Reserve. Every decision is connected.

Allowing large agricultural mansions puts farmers into renters of space, not owners, and not in control of the lands. Applications for farmland mansions have increased, with the average mansion being at 13,000 square feet, with one at 32,660 square feet.

Is this the end of the region as we know it? Do we so devalue our farmland and the chance for sustainable agricultural practice in our region that we will sell out for this not needed housing form that has no benefit to agricultural lands? Monday’s City of Richmond hearing will tell.

 


15 May 17:28

Dinner By Cycle

by Ken Ohrn

While wandering in the West End the other day, I saw several restaurant delivery people on bikes.  It seems like a sensible business model, a resource-light way to provide a service, lugging food from restaurant to hungry people.

I like seeing people coming up with more options — more ways to get things done.

Click to enlarge.


15 May 17:28

The Green Ceiling

by pricetags

Love this time of year – when canopies of virgin green create corridors of foliage.

The use of planting boxes to line our cycle tracks – as here in the 800-block Hornby – was a great idea.  But the landscape architect for Robson Square, Cornelia Oberlander, was said to be uphappy with their cheap plastic look next to the smooth concrete solidity of Arthur Erickson’s design.  Maybe someday a more permanent complementary solution might be found with privately raised funds for the planters and sponsors for an annual garden show.


15 May 17:28

Vancouver 1972 – 1982

by Ken Ohrn

Vancouver photog Greg Girard has a show at the Monte Clark Gallery, featuring pix from a strange era in Vancouver:  somehow lost between “dump the freeways” and Expo 86, but still “. . . a port town at the end of the railway line”.

When I started making these photographs, especially the pictures of people in the mid-1970s, I felt like I was photographing a world nobody knew anything about, apart from the people living it, of course. I was something of an interloper, but my youth protected me. It’s curious to consider these pictures now, practically unseen since they were made, in terms of a Vancouver they might have some potential to invent. –Greg Girard

I’m heading over there  (*gasp*:  east of Main) in the hopes of expanding my ideas about photographs and about Vancouver’s heritage.

Girard

Thanks to the Monte Clark Gallery and Greg Girard for the image:  click to enlarge

The show ends May 27.  More info HERE.


15 May 17:28

Google and Volvo Cars partner to build Android into connected cars

by Bradly Shankar
android connected cars

Google and Volvo Cars are partnering to build Android into the next generation of vehicles featuring in-car infotainment and connectivity solutions.

Under this initiative, “hundreds of popular [Android] apps” — developed by Google, Volvo or third-party companies — will be offered to owners of the Swedish-made vehicles. No specific apps were mentioned, however.

“We are making an important strategic step with the Google partnership. Google’s platform and services will enhance the user experience by enabling more personalization possibilities, while Android will offer increased flexibility from a development perspective,” said Henrik Green, senior vice-president of research and development at Volvo Car Group.

“We’re thrilled to partner with Volvo to bring Android into their next generation connected cars,” said Patrick Brady, vice-president of Android engineering at Google. “This partnership gives us the opportunity to deliver a more seamless experience to Volvo drivers through a full-featured infotainment platform and rich ecosystem of Android applications and Google services.”

Volvo also announced that it will be bringing location-based service application Google Local Search to its recent car models. An update through the Sensus Navigation system will add the new functionality.

Volvo says further details will be revealed at Google’s annual I/O tech show later this week.

Image credit: Volvo 

Source: Newswire

The post Google and Volvo Cars partner to build Android into connected cars appeared first on MobileSyrup.

15 May 17:28

A guide to running a minimalist business

by Paul Jarvis

Minimalism is a mindset rather than a blind purge. If something is useful or pleasurable, you keep it. If it’s not, then you consider scrapping it.

The post A guide to running a minimalist business appeared first on Paul Jarvis.

15 May 17:28

Philips Hue Line Expands with Ambiance Lamps, Fixtures, and New Bulbs

by Ryan Christoffel

Philips Hue has long been one of the premier lines of smart lights on the market, and today that line is expanding with several new products. Philips announced through Business Wire a range of Ambiance offerings, including table lamps, fixtures, and bulbs.

The Ambiance lamps, named Wellner and Wellness, along with the Flushmount fixture, are available for pre-order today with mid-June ship dates. Each of the lamps is listed for $99.99, while the ceiling fixture is $199.99. At a glance, these products appear well designed, and a great fit for placement in anyone's home. The new Ambiance bulbs will be available for pre-order in June, with July ship dates.

As with other Hue devices, each of these upcoming products feature support for an array of smart home platforms, including Apple's HomeKit, Amazon's Alexa, and more. So no matter which platform you may be committed to, you shouldn't have to worry about compatibility issues here.


Support MacStories Directly

Club MacStories offers exclusive access to extra MacStories content, delivered every week; it’s also a way to support us directly.

Club MacStories will help you discover the best apps for your devices and get the most out of your iPhone, iPad, and Mac. Plus, it’s made in Italy.

Join Now
15 May 17:28

Amanda Hess, Earning the ‘Woke’ Badge

Amanda Hess, Earning the ‘Woke’ Badge:

‘Woke’ is undergoing a counter revolution, a third recasting:

Those who try to signal their wokeness by saying “woke” have revealed themselves to be very unwoke indeed. Now black cultural critics have retooled “woke” yet again, adding a third layer that claps back at the appropriators. “Woke” now works as a dig against those who claim to be culturally aware and yet are, sadly, lacking in self-awareness. In a sharp essay for The Awl, Maya Binyam coined the term “Woke Olympics,” a “kind of contest” in which white players compete to “name racism when it appears” or condemn “fellow white folk who are lagging behind.”

The latest revolution of “woke” doesn’t roll its eyes at white people who care about racial injustice, but it does narrow them at those who seem overeager to identify with the emblems and vernacular of the struggle. For black activists, there is a certain practicality in publicly naming white allies. Being woke, Stovall says, means being “aware of the real issues” and willing to speak of them “in ways that are uncomfortable for other white folks.” But identifying allies poses risks, too. “There are times when people have been given the ‘black pass,’ and it hasn’t worked out so well,” Stovall says. “Like Clinton in the ’90s.” A white person who gains a kind of license to use power on behalf of black people can easily wield that power on behalf of themselves.

“Woke” feels a little bit like Macklemore rapping in one of his latest tracks about how his whiteness makes his rap music more acceptable to other white people. The conundrum is built in. When white people aspire to get points for consciousness, they walk right into the cross hairs between allyship and appropriation. These two concepts seem at odds with each other, but they’re inextricable. Being an ally means speaking up on behalf of others — but it often means amplifying the ally’s own voice, or centering a white person in a movement created by black activists, or celebrating a man who supports women’s rights when feminists themselves are attacked as man-haters. Wokeness has currency, but it’s all too easy to spend it.

15 May 17:27

David Cassel, COBOL Is Everywhere. Who Will Maintain It?

David Cassel, COBOL Is Everywhere. Who Will Maintain It?:

COBOL will never die, apparently.

Think COBOL is dead? About 95 percent of ATM swipes use COBOL code, Reuters reported in April, and the 58-year-old language even powers 80 percent of in-person transactions. In fact, Reuters calculates that there’s still 220 billion lines of COBOL code currently being used in production today, and that every day, COBOL systems handle $3 trillion in commerce. Back in 2014, the prevalence of COBOL drew some concern from the trade newspaper American Banker.

“The mainframe was supposed to have been be replaced by farms of smaller commodity servers and cloud computing by now, but it still endures at many banks,” the trade pub reported.

But should we be concerned that so much of our financial infrastructure runs on an ancient infrastructure? American Banker found 92 of the top 100 banks were still using mainframe computers — and so were 71 percent of the companies in the Fortune 500. As recently as five years ago, the IT group at the Bank of New York Mellon had to tend to 112,500 different COBOL programs — 343 million lines of code, according to a 2012 article in Computerworld. And today a quick Google search today shows the Bank of New York Mellon is still hiring COBOL developers.

COBOL was originally developed in the 1950s as a stop-gap by the Department of Defense, but then computer manufacturers began supporting it, “resulting in widespread adoption,” according to Wikipedia. Now the Eisenhower-era programming language — based on design work by Grace Hopper — is everywhere. And because it’s so entrenched it can be difficult to transition to a new language. Reuters reported in April that when Commonwealth Bank of Australia replaced its core COBOL platform in 2012, it took five years — and cost $749.9 million.

15 May 17:27

Evan Ackerman, Drone Uses AI and 11,500 Crashes to Learn How to Fly

Evan Ackerman, Drone Uses AI and 11,500 Crashes to Learn How to Fly:

Great counterexample to the general rule that AI learns by approximating how people learn to do things. This AI-guided drone learns to navigate complex interiors not by avoiding collisions – which is what people do – but instead by colliding all over the place to build up a database of collisions, and to learn from that. It then tries to avoid collision-y looking obstacles.

“Learning to Fly by Crashing,” a paper from CMU roboticists Dhiraj Gandhi, Lerrel Pinto, and Abhinav Gupta, has such a nice abstract that I’ll just let them explain what this research is all about:

[T]he gap between simulation and real world remains large especially for perception problems. The reason most research avoids using large-scale real data is the fear of crashes! In this paper, we propose to bite the bullet and collect a dataset of crashes itself! We build a drone whose sole purpose is to crash into objects […] We use all this negative flying data in conjunction with positive data sampled from the same trajectories to learn a simple yet powerful policy for UAV navigation.

Compared to a baseline approach using monocular depth estimation, it’s massively better, somewhere between 2x and 10x the performance (in both time in the air and distance flown), depending on the environment. The biggest benefit comes from navigating around featureless walls and glass doors, both of which are notoriously challenging for depth estimation.

The obvious question to ask is whether this method is actually more effective than the alternative, which is teaching a drone to fly through not crashing instead. I’m not sure what the answer is, but the point is that if you allow crashing, the entire learning process can be self-supervised: Just set the drone up in a room and let it do its thing. You’ll have to change the batteries (and the hull, on occasion) but otherwise all of the data collection and learning is completely autonomous. If, on the other hand, you try to teach a drone to fly through not crashing, you have to find a way to make sure that it doesn’t crash. You can do that by learning from a human pilot, or putting it in some environment with a motion capture system and some 3D maps of obstacles and whatnot, but that adds cost and complexity. Crashing is so much easier.

Yes, crashing is so much easier.

15 May 17:27

@erickschonfeld

@erickschonfeld:
15 May 17:17

WannaCry About Business Models

by Ben Thompson

For the users and administrators of the estimated 200,000 computers affected by “WannaCry” — a number that is expected to rise as new variants come online (the original was killed serendipitously by a security researcher) — the answer to the question implied in the name is “Yes.”

wannacryscreenshotpng

WannaCry is a type of malware called “ransomware”: it encrypts a computers’ files and demands payment to decrypt them. Ransomware is not new; what made WannaCry so destructive was that it was built on top of a computer worm — a type of malware that replicates itself onto other computers on the same network (said network, of course, can include the Internet).

Worms have always been the most destructive type of malware — and the most famous: even non-technical readers may recognize names like Conficker (an estimated $9 billion of damage in 2008), ILOVEYOU (an estimated $15 billion of damage in 2000), or MyDoom (an estimated $38 billion of damage in 2004). There have been many more, but not so many the last few years: the 2000s were the sweet spot when it came to hundreds of millions of computers being online with an operating system — Windows XP — that was horrifically insecure, operated by users given to clicking and paying for scams to make the scary popups go away.

Over the ensuing years Microsoft has, from Windows XP Service Pack 2 on, gotten a lot more serious about security, network administrators have gotten a lot smarter about locking down their networks, and users have at least improved in not clicking on things they shouldn’t. Still, as this last weekend shows, worms remain a threat, and as usual, everyone is looking for someone to blame. This, time, though, there is a juicy new target: the U.S. government.

The WannaCry Timeline

Microsoft President and Chief Legal Officer Brad Smith didn’t mince any words on The Microsoft Blog (“WannaCrypt” is an alternative name for WannaCry”):

Starting first in the United Kingdom and Spain, the malicious “WannaCrypt” software quickly spread globally, blocking customers from their data unless they paid a ransom using Bitcoin. The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States. That theft was publicly reported earlier this year. A month prior, on March 14, Microsoft had released a security update to patch this vulnerability and protect our customers. While this protected newer Windows systems and computers that had enabled Windows Update to apply this latest update, many computers remained unpatched globally. As a result, hospitals, businesses, governments, and computers at homes were affected.

Smith mentions a number of key dates, but it’s important to get the timeline right, so let me summarize it as best as I understand it:1

  • 2001: The bug in question was first introduced in Windows XP and has hung around in every version of Windows since then
  • 2001–2015: At some point the NSA (likely the Equation Group, allegedly a part of the NSA) discovered the bug and built an exploit named EternalBlue, and may or may not have used it
  • 2012–2015: An NSA contractor allegedly stole more than 75% of the NSA’s library of hacking tools
  • August, 2016: A group called “ShadowBrokers” published hacking tools they claimed were from the NSA; the tools appeared to come from the Equation Group
  • October, 2016: The aforementioned NSA contractor was charged with stealing NSA data
  • January, 2017: ShadowBrokers put a number of Windows exploits up for sale, including a SMB zero day exploit — likely the “EternalBlue” exploit used in WannaCry — for 250 BTC (around $225,000 at that time)
  • March, 2017: Microsoft, without fanfare, patched a number of bugs without giving credit to whomever discovered them; among them was the EternalBlue exploit, and it seems very possible the NSA warned them
  • April, 2017: ShadowBrokers released a new batch of exploits, including EternalBlue, perhaps because Microsoft had already patched them (dramatically reducing the value of zero day exploits in particular)
  • May, 2017: WannaCry, based on the EternalBlue exploit, was released and spread to around 200,000 computers before its kill switch was inadvertently triggered; new versions have already begun to spread

It is axiomatic to note that the malware authors bear ultimate responsibility for WannaCry; hopefully they will be caught and prosecuted to the full extent of the law.

After that, though, it gets a bit murky.

Spreading Blame

The first thing to observe from this timeline is that, as with all Windows exploits, the initial blame lies with Microsoft. It is Microsoft that developed Windows without a strong security model for networking in particular, and while the company has done a lot of work to fix that, many fundamental flaws still remain.

Not all of those flaws are Microsoft’s fault: the default assumption for personal computers has always been to give applications mostly unfettered access to the entire computer, and all attempts to limit that have been met with howls of protest. iOS created a new model, in which applications were put in a sandbox and limited to carefully defined hooks and extensions into the operating system; that model, though, was only possible because iOS was new. Windows, in contrast, derived all of its market power from the established base of applications already in the market, which meant overly broad permissions couldn’t be removed retroactively without ruining Microsoft’s business model.

Moreover, the reality is that software is hard: bugs are inevitable, particularly in something as complex as an operating system. That is why Microsoft, Apple, and basically any conscientious software developer regularly issues updates and bug fixes; that products can be fixed after the fact is inextricably linked to why they need to be fixed in the first place!

To that end, though, it’s important to note that Microsoft did fix the bug two months ago: any computer that applied the March patch — which, by default, is installed automatically — is protected from WannaCry; Windows XP is an exception, but Microsoft stopped selling that operating system in 20082 and stopped supporting it in 2014 (despite that fact, Microsoft did release a Windows XP patch to Fix the bug on Friday night). In other words, end users and the IT organizations that manage their computers bear responsibility as well. Simply staying up-to-date on critical security patches would have kept them safe.

Still, staying up-to-date is expensive, particularly in large organizations, because updates break stuff. That “stuff” might be critical line-of-business software, which may be from 3rd-party vendors, external contractors, or written in-house: that said software is so dependent on one particular version of an OS is itself a problem, so you can blame those developers too. The same goes for hardware and its associated drivers: there are stories from the UK’s National Health Service of MRI and X-ray machines that only run on Windows XP, critical negligence by the manufacturers of those machines.

In short, there is plenty of blame to go around; how much, though, should go into the middle part of that timeline — the government part?

Blame the Government

Smith writes in that blog post:

This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.

This comparison, frankly, is ridiculous, even if you want to stretch and say that the impact of WannaCry on places like hospitals may actually result in physical harm (albeit much less than a weapon of war!).

First, the U.S. government creates Tomahawk missiles, but it is Microsoft that created the bug (even if inadvertently). What the NSA did was discover the bug (and subsequently exploit it), and that difference is critical. Finding bugs is hard work, requiring a lot of money and effort. It’s worth considering why, then, the NSA was willing to do just that, and the answer is right there in the name: national security. And, as we’ve seen through examples like Stuxnet, these exploits can be a powerful weapon.

Here is the fundamental problem: insisting that the NSA hand over exploits immediately is to effectively demand that the NSA not find the bug in the first place. After all, a patched (and thus effectively published) bug isn’t worth nearly as much, both monetarily as ShadowBrokers found out, or militarily, which means the NSA would have no reason to invest the money and effort to find them. To put it another way, the alternative is not that the NSA would have told Microsoft about EternalBlue years ago, but that the underlying bug would have remained un-patched for even longer than it was (perhaps to be discovered by other entities like China or Russia; the NSA is not the only organization searching for bugs).

In fact, the real lesson to be learned with regard to the government is not that the NSA should be Microsoft’s QA team, but rather that leaks happen: that is why, as I argued last year in the context of Apple and the FBI, government efforts to weaken security by fiat or the insertion of golden keys (as opposed to discovering pre-existing exploits) are wrong. Such an approach is much more in line with Smith’s Tomahawk missile argument, and given the indiscriminate and immediate way in which attacks can spread, the country that would lose the most from such an approach would be the one that has the most to lose (i.e. the United States).

Blame the Business Model

Still, even if the U.S. government is less to blame than Smith insists, nearly two decades of dealing with these security disasters suggests there is a systematic failure happening, and I think it comes back to business models. The fatal flaw of software, beyond the various technical and strategic considerations I outlined above, is that for the first several decades of the industry software was sold for an up-front price, whether that be for a package or a license.

This resulted in problematic incentives and poor decision-making by all sides:

  • Microsoft is forced to support multiple distinct code bases, which is expensive and difficult and not tied to any monetary incentives (thus, for example, the end of support for Windows XP).
  • 3rd-party vendors are inclined to view a particular version of an operating system as a fixed object: after all, Windows 7 is distinct from Windows XP, which means it is possible to specify that only XP is supported. This is compounded by the fact that 3rd-party vendors have no ongoing monetary incentive to update their software; after all, they have already been paid.
  • The most problematic impact is on buyers: computers and their associated software are viewed as capital costs, which are paid for once and then depreciated over time as the value of the purchase is realized. In this view ongoing support and security are an additional cost divorced from ongoing value; the only reason to pay is to avoid a future attack, which is impossible to predict both in terms of timing and potential economic harm.

The truth is that software — and thus security — is never finished; it makes no sense, then, that payment is a one-time event.

SaaS to the Rescue

Four years ago I wrote about why subscriptions are better for both developers and end users in the context of Adobe’s move away from packaged software:

surplus2

That article was about the benefit of better matching Adobe’s revenue with the value gained by its users: the price of entry is lower while the revenue Adobe extracts over time is more commensurate with the value it delivers. And, as I noted, “Adobe is well-incentivised to maintain the app to reduce churn, and users always have the most recent version.”

This is exactly what is necessary for good security: vendors need to keep their applications (or in the case of Microsoft, operating systems) updated, and end users need to always be using the latest version. Moreover, pricing software as a service means it is no longer a capital cost with all of the one-time payment assumptions that go with it: rather, it is an ongoing expense that implicitly includes maintenance, whether that be by the vendor or the end user (or, likely, a combination of the two).

I am, of course, describing Software-as-a-service, and that category’s emergence, along with cloud computing generally (both easier to secure and with massive incentives to be secure), is the single biggest reason to be optimistic that WannaCry is the dying gasp of a bad business model (although it will take a very long time to get out of all the sunk costs and assumptions that fully-depreciated assets are “free”).3 In the long run, there is little reason for the typical enterprise or government to run any software locally, or store any files on individual devices. Everything should be located in a cloud, both files and apps, accessed through a browser that is continually updated, and paid for with a subscription. This puts the incentives in all the right places: users are paying for security and utility simultaneously, and vendors are motivated to earn it.

To Microsoft’s credit the company has been moving in this direction for a long time: not only is the company focused on Azure and Office 365 for growth, but even its traditional software has long been monetized through subscription-like offerings. Still, implicit in this cloud-centric model is a lot less lock-in and a lot more flexibility in terms of both devices and services: the reality is that for as much of a headache Windows security has been for Microsoft, those headaches are inextricably tied up with the reasons that Microsoft has been one of the most profitable companies of all time.

The big remaining challenge will be hardware: the business model for software-enabled devices will likely continue to be upfront payment, which means no incentives for security; the costs are externalities to be borne by the targets of botnets like Mirai. Expect little progress and lots of blame, the hallmark of the sort of systematic breakdown that results from a mismatched business model.

  1. I will update this section as necessary and note said updates in this footnote
  2. Windows XP was still available for Netbooks until 2010
  3. The answer for individual security is encryption