Facial recognition and next generation privacy. David Thompson gives an update on the progress of facial recognition software and its implications for privacy 2.0.  In addition to describing the revolution in surveillance capabilities that occurs when a person can be identified on any security camera feed or in any of the more than three billion photos on Flickr, he notes that Face.com released an API last month, allowing developers free access to its facial recognition technology and the green light to adapt it for new uses.  Here’s hoping the appropriate norms evolve in tandem.

Defamation liability: please fwd. A bankruptcy court in Texas has ruled that forwarding an email link can be considered defamation.  The defendant in the case didn’t send a copy of the actual content, just a link to a website.  Neither had he written any of the defamatory content on the website.  It’s unlikely that the ruling will survive an appeal, since forwarding a link probably doesn’t amount to the required element of “publication” under a traditional interpretation of defamation law.  Still, it’s something to think about the next time there’s a link to a juicy tabloid story in your inbox.

Shifting foundations of the App Store. Apple continues to indulge its discretion when it comes to approving iOS apps.  This time it pulled an app for being “widget-like,” despite approving three previous versions.  The frustrated developer asks “How can a company be prepared to invest into a platform that can change at any time?“

It Gets Worse: Apple Censors a Gay Kiss in Oscar Wilde Comic. In another Apple censorship story, the company appeared to block out a kiss in a comic book because two men were doing the kissing. To be fair, it’s not entirely clear to me from the pictures in the article whether the same-sex kiss was the cause of the blackout, but the author claims that similar opposite-sex scenes have gone unchanged in other comic books. As he says, “the more examples I see of Apple’s capricious censoring, the less funny it is.”

Steve Jobs at D8: Post-PC era is nigh. In the introduction of the book, JZ predicted that Steve Jobs, having launched the PC era, was about to usher it out. Now, Jobs says the same thing. According to him, “PCs are going to be like trucks … they are still going to be around,” but “one out of x people will need them.”

TiVo’s ‘Big Win’ Over Dish On Patents Looking Less And Less Solid, As Patent Office Rejects Patent Claims. Update in the TiVo-EchoStar battle: we may never find out if EchoStar will actually have to remotely kill already-purchased DVRs, because the Federal Circuit is rehearing the original patent claims en banc.

—By Jennifer Halbleib and Elisabeth Oppenheimer

Communicating with the e-book mothership. If the latest must-read on Kindle is dotted with typos or has a few pages missing, there’s a good chance Amazon offers a patch to correct the error. It’s a handy Internet-enabled functionality, although one can imagine at the extreme authors continuing to update their work ad infinitum, making it impossible for a reader to say he or she has read an e-book since content is always subject to change. Information flows in the other direction on the Kindle superhighway too, as Amazon apparently keeps track of what readers are highlighting. There’s some creep factor in Amazon knowing what ideas Kindle readers think are important, even if the most highlighted passages are in works as deep as The Lost Symbol. But the information is also so interesting.

The remote control. In April, Sony quietly revised the End User License Agreement that came with the latest PS3 firmware update to allow the company to change how an owner’s console operates in whatever way it wants, no notice or permission required. Now the FCC, at the request of the MPAA, has given cable and satellite providers the right to remotely disable output connections on consumers’ set-top boxes, leading consumers to ask “What did I buy?”

Curated Computing is the new name in town for the experience provided by the tablet non-PC. This particular term is meant to accentuate the “less choice, more relevance” aspects of that experience. It rolls off the tongue more smoothly than “contingently generative” and sounds less regressive than an “appliance,” but it connotes somewhat life aboard the Axiom. However, its proponents suggest that curated computing devices are meant to exist alongside and supplement traditional PCs. Let’s call that a worthy goal and the best of both worlds.

iPhone pillow talk with Steve Jobs. A ValleyWag reporter last week exchanged late-night emails with a defiant Steve Jobs on the iPhone’s ability to give people “freedom from” data theft, battery hogs, and porn. The emails speak for themselves, giving a little insight into Jobs’ perspective on the benefits and aims of the iPhone. He gets a little snarky at the end, but then again it’s 2am when he’s responding, and he never has a chance to clarify his comments, unlike the Gawker reporter.

Android outsells iPhone. During the first quarter of 2010, phones with the Android OS grabbed 28% of the U.S. market share, surpassing iPhone’s 21% (RIM’s Blackberry is still at the top with 36%).  Although Android benefited from Verizon’s buy-one-phone-get-one-free promotion and iPhone continues to lead worldwide, it appears Google is getting closer in Apple’s rearview mirror.

McAfee prevents computers from booting up in new virus-protection strategy. Centralizing security software in a few big providers concentrates expertise to solve problems, while also meaning that there are only a few–albeit strong–security systems the bad guys need to breach in order to wreak widespread havoc.  But in a previously under-appreciated risk, a flawed update of widely-used antivirus software can cut out the middleman and accomplish the same havoc directly.  A McAfee software update mistakenly identified a critical file as a virus and quarantined it, causing computers around the world, many of which automatically install updates, to repeatedly attempt to boot up.  One source estimated that 800,000 PCs were affected.

Taking [re-]generativity seriously. A Connecticut mayor donated her kidney to a Facebook friend last month after seeing his desperate status update.  The patient’s doctor had suggested that he try publicizing his need through social media, using an online connection to a forge a real-world bond.

Whoops: Five days later, Steve Jobs announced modified Apple developer rules banning use of “intermediary” tools such as Air—in other words, there will be no more cross-platform development. Adobe employees: not happy.

This is starting to sound pretty antitrust-y. It’s hard to think of any logical reason Apple cares where an app’s code originates—unless, of course, it just wants to hurt Adobe at every turn. Unfortunately, it’s been hard to find knowledgeable people analyzing actual antitrust law—anyone know of a good blog? (For what it’s worth, this old post from the Antitrust Law Blog indicates that the tech sector, including Apple, is under heavier scrutiny from the DOJ and FTC.)

Not surprisingly, there are rumors a lawsuit is brewing.

As usual, there’s another chapter in this saga: Flash translation. In a related but not identical story, Apple has long been hostile to Adobe’s Flash multimedia platform, citing stability and security concerns for refusing to offer Flash support for the iPhone and iPad. This puts websites that use Flash in a tough spot and limits iUsers’ access to content—75% of web video according to Adobe. Enter RipCode, which has developed a server-side translator solution. If an iPhone user attempts to access a Flash video, the “transcoder” detects the platform and translates the video into a compatible format. Since the transcoder is run off the website’s server, it doesn’t require Apple’s approval. Assuming it’s reliable, this is a nice example of a how the generative web allows enterprising developers to solve problems (or, depending on your point of view, do end-runs around the rules).

—By Jennifer Halbleib and Elisabeth Oppenheimer

-Prof. Z was elected to the Internet Society’s board of trustees for a three-year term. The Internet Society is an international nonprofit organisation founded in 1992 to “provide leadership in Internet related standards, education, and policy.”

- For those who missed it, the audio of the interview featured on WNPR (April 30) on “What’s Next For the World Wide Web?” is up on the web!

-The Zittrain Twitter feed has been added to the site. Of course, you can always follow the professor directly through Twitter if you set up your own account (it’s free).

-Prof. Z participated in a workshop hosted by the Harvard Kennedy School titled “Cultures in Common: 50 Years of Reflection on Science, Technology, and Society” on May 8. He spoke about “Ordering the Wild Frontier: The Cultures of the Internet”

-Z was in London on May 19 to deliver a lecture on “The Future of the Internet: Private Sheriffs in Cyberspace” for the Society for Computers and Law.

Coming up…

-Celebrating the 10th anniversary of the Cluetrain Manifesto, Prof. Z will talk with Cluetrain authors Doc Searls and David Weinberger at Harvard Law School  on June 16. The event is open to the public. More info here.

-Z will deliver the keynote “Future of Video and How to Stop It” on June 20 at the Open Video Conference in New York.

April 7: The Harvard Law School News reports on Prof.Z’s talk at the Computer Emergency Response Team Coordination Center’s 20^th Anniversary Technical Symposium at Carnegie MellonUniv.

April 13: Prof. Z talks to PayPal and Clarium Capital founder Peter Thiel about whether monopolies can save the Internet. Click here for video.

April 15: Prof. Z interviews Daniel Hoffer, Founder and Chairman of CouchSurfing. Click here for video.

April 19: “In a down economy, one might surf for an hour rather than spend $15 at a multiplex,” Z says in Cnet article on online piracy.

April 22: Interview (podcast) on Command Line. (updated 4/23)

April 28: Discussing the Wolfram Alpha demo with Stephen Wolfram (updated April 29)

* On NPR’s On the Media, Prof. Z talks about the future of the internet and security issues

* Z introduces  Herdict on the World Technology Podcast 234, Air Mozilla (Media player available on Air Mozilla’s website), and Radio Berkman.

-yvette wohn

Snowfall in Cambridge is keeping people at home but perfectly illustrates situations that can be solved with ubiquitous human computing. Prof. Z discusses this concept of using remote human resources in a recent interview with Nokia’s Ideas Project. Cheap networks, he says, enables organizations to get things done regardless of location. Bad news for those who enjoyed sleeping in on a Monday morning.

Prof. Z’s working paper on ubiquitous human computing can be found here.

Jonathan Zittrain’s brainchild Herdict was officially released today. (Watch the project’s mascot — a sheep — demonstrate “the verdict of the herd” in a short video… does its voice sound familiar?)

Herdict is a tool that employs the distributed power of the Internet community to provide insight into what users around the world are experiencing in terms of web accessibility. People can participate by reporting websites that they cannot access, testing sites that others have reported, or downloading the browser add-on for reporting sites on the fly.

Herdict is a portmanteau of ‘herd’ and ‘verdict.’ Using Herdict Web, anyone anywhere can report websites as accessible or inaccessible. Herdict Web aggregates reports in real time, permitting participants to see if inaccessibility is a shared problem, giving them a better sense of potential reasons for why a site is inaccessible. Trends can be viewed over time, by site and by country.

Herdict Web builds out from the OpenNet Initiative‘s research on global Internet filtering. The OpenNet Initiative tests Internet filtering through an academic methodology. Herdict Web takes a different approach, crowdsourcing reports to learn about and display a real-time picture of user experiences around the globe.

Watch Prof. Z discussing Herdict Web at a recent Berkman luncheon, or listen to a podcast of Herdict on Radio Berkman.

Celebrating the first anniversary of its publication, The Future of the Internet- And How to Stop It will be available in paperback on March 15, making it easier for those who want to read on the go. The book can also be downloaded to the Kindle for $16.50 and is available for free on this web site.

With Internet security issues getting hotter and hotter, our cyber scholar is in high demand.

On March 12, Prof. Z will be giving a luncheon talk at the CERT Technical Symposium at Carnegie Mellon Univ. The theme of this year’s symposium is “Security Challenges in an Evolving World.” On March 14, he will be flying out to Texas and joining other Internet experts at SXSW Interactive. His presentation/panel is titled “Civic technologies and the Future of the Internet.”

Suppose that we agree on a rough (to some, controversial) value judgment: the Internet’s architectural openness (its “generativity”) — and its progression into the mainstream — has been a genuinely awesome thing, facilitating radical (and mostly good) revolutions in how we express and entertain ourselves, how we learn, how we shop, essentially in how meaning is made. 

Then: is there a signal threat to it apart from the ones arising from people (and regulators) who reject or are harmed by the Net’s openness even when it’s functioning as designed?  I.e., apart from those who don’t share the value judgment about openness?

I gather that some say no.  David Akin and David Isenberg, and perhaps Gene S. (although he sort of seems to say “a pox on both your houses”), say that for all its vulnerabilities, the Internet manages to keep on ticking, and suggestions that there is a growing — perhaps existential — threat to its functioning arising from anti-libertarian control freaks and mercenary security vendors — those who benefit from rejecting its generative premise rather than those who want to save it.

I say yes.  It’s an tough empirical question and there is plenty of room for disagreement — much of this is crystal ball gazing — but it clouds the ball further to argue that anyone who tries to describe the threat is only doing so because he or she seeks lockdown.  I worry both about the problem that will, if no better alternatives are offered, drive people away from open systems, and life in the gated communities that will welcome them.

So what’s the problem?  As Gene says, the issue is not only with networks that are not secure, but also the endpoints: reprogrammable machines, PCs, that provide the basis for the botnets that can wreak various forms of havoc.  It’s a miracle and an absurdity that infused in homes, workplaces, and laps around the world are PCs that can be repurposed in an instant, running code from the other side of the world without the vendor of the machine or its operating system, or the network service provider, having anything to say about it.  That’s how an innovation like Skype — or, for that matter, a Web browser — can come about and hit prime time.  It’s also how worms and viruses spread, and it’s not just about OS bugs: many of these come in through the front door, with the user choosing to run new code without understanding what’s hidden within it.  I remember Microsoft’s “first immutable law of security“:

There’s a nice analogy between running a program and eating a sandwich. If a stranger walked up to you and handed you a sandwich, would you eat it? Probably not. How about if your best friend gave you a sandwich? Maybe you would, maybe you wouldn’t — it depends on whether she made it or found it lying in the street. Apply the same critical thought to a program that you would to a sandwich, and you’ll usually be safe.”

This is well intentioned, of course — we know what the author is trying to say by it — but it’s also crazy.  Millions of years of evolution have helped us intuitively discern a good sandwich from a rotten one, and we don’t continually ingest little bits of food every few minutes as we walk down the street.  There’s no such help with code.  That’s why for 99.9% of the people out there, the idea of merrily running any code they see is already a fiction.  (Most of the .1% are people who just don’t care if their PCs melt, rather than geeks who know how to secure them.)  People turn to anti-virus vendors, firewall makers, and all the other patchy tech that Gene rightly dismisses as baling wire and twine.  If that’s all they’ve got, people will be ripe for persuasion that they should lock themselves down more, opting for sterile environments like the Kindle for more and more tasks, or hybrid environments like that of the iPhone or Facebook Apps: outside code can run, but only with the prospective and ongoing  permission of the platform operator.  These are attractive solutions — I love my iPhone — but they are worrisome in the big picture, especially as the model for them begins to predominate across all software.  Already, many of the otherwise-generative machines out there are being locked down by the boxes’ actual owners: PCs in corporate environments, schools, cyber cafes, and libraries are frequently unable to run new code without bureaucratized approval.  And in the developing world, much of the excitement around the adoption of mobile platforms instead of clunky PCs tends, with a few notable exceptions, to play into the walled gardens.  Where demand goes, supply follows: for the next generation of geeks and tinkerers, many find these walled gardens to be an unremarkable feature of the landscape.  Today’s kidz are coding for Facebook and iPhone, not for GNU/Linux or Windows.

It’s not much answer to say: “Well, *I* don’t have problems with viruses; it’s just losers who don’t know how to protect their machines.  Let them have a playpen, then.”  This response reminds me of the end of Atlas Shrugged, when the handful of good capitalists retreat to a golden valley and mow each others’ lawns in a new economy, while the rest of the world melts.  I don’t want an Internet where only the nerds remain.  (USENET was fun, but …)

So, David’s subject line sounds right to me: “Fixing the Internet might break it worse than it’s broken now.”  But that doesn’t mean that we should accept the status quo.  If we do, we’ll lose it — or we’ll find that we’re one of a comparative handful clinging to it as everyone else migrates away.

What are the solutions that aren’t iatrogenic?  I’m less sanguine than many on this list that some sort of liability regime for buggy code is the way to go, both because I think it will in many cases lead to less generative platforms and because the problem transcends mere bugs in code.  (For a more detailed treatment of this, see <http://yupnet.org/zittrain/archives/18#29>.) And “more training” for users would be great, but seems unrealistic.  We need solutions that require only a critical mass of people to implement, rather than counting on lots and lots of people to suddenly become tinkerers themselves — even as they rightly should enjoy the benefits of an experimentalist culture like that of the Internet and PC.  My own ideas run less in the direction of re-architecting the entire Internet, though I’m intrigued by the Clean Slate project and its siblings, like that run by David Clark at MIT.  David Isenberg is right that I’ve suggested some promise in virtual machine technology that allows promising but suspect code to run in a “red” zone, but this approach also has limits and drawbacks.  (Who decides what’s red and green when the users’ cluelessness is what gives rise to the need for a red zone at all?)  See, e.g., <http://yupnet.org/zittrain/archives/18#6>.

Instead, I think that collecting and making available more data about the shape of the problem can help enormously.  We really don’t know what’s going on out there, and the sooner we can replace speculation with reality — and not have what little we know be a trade secret! — the better.  See <http://yupnet.org/zittrain/archives/18#48> for more details on how this could work:

Social problems can be met first with social solutions — aided by powerful technical tools — rather than by resorting to law. As we have seen, vandalism, copyright infringement, and lies on Wikipedia are typically solved not by declaring that vandals are breaking laws against “exceeding authorized access” to Wikipedia or by suits for infringement or defamation, but rather through a community process that, astoundingly, has impact.

The Google/Stopbadware partnership — which made news a few weeks ago for reasons unrelated to its core operations — is one experiment in this area.  I’m all for the Net solving its own problems — someone does always tend to step up.  (E.g., thanks, Luis von Ahn, for the CAPTCHA!)  Maybe that someone is among us?

There, now, I’ve gone ahead and ended with the thought that we are the change we’ve been waiting for.  Or is it Ready to Lead? …JZ