When the Bat Signal calls :: The Future of the Internet

When the Bat Signal calls

June 8th, 2009 | by jz | Published in university, wikipedia | 17 Comments

I was asked to give the commencement talk at my old high school this year. I wrote it out ahead of time, so figured I’d share it here –

Jonathan Zittrain
Shady Side Academy Commencement Speech – 5 June 2009

Good morning, Shady Side, and a hearty congratulations to the class of 2009!

It’s fantastic to be back on campus. I confess that when I was a student here I had good days, bad days, and, well, surreal days. I began at David Mancosh’s Middle School, where a scrappy production of Lord of the Flies enjoyed a daily run for over two decades. My first mistake was to be a skinny nerd with the name ZITTRAIN. I compounded the error by wearing my school backpack over both shoulders. I was alerted to my lack of fashion sense when someone drop kicked it from behind while I was wearing it. It sailed about six inches off the ground, taking me with it like a parachute in an updraft, and I landed with it upside down across my stomach.

From then on I carried my pack slung over my right shoulder and staggered into classes like Latin. We were given quizzes nearly every day, tasked with translating insanely convoluted sentences. We’d then visit the teacher’s desk one by one to look over his shoulder as he graded our respective quizzes, a dot on each clause as he parsed the sentences, and an angry red circle around mistakes. What happened if you managed to get through with only dots? A 99 out of 100. (There were numerical grading scales back then. Today I understand you have feel-good grades ranging from W00T to EPIC FAIL.) Anyway, no one earned 100 in this teacher’s class. 99 was the best you could do. I think the intended lesson was that no one can ever be perfect. The Latin phrase is Personam Loserum No Matter Whatum.

I’ve since drawn a larger lesson: throughout life you will encounter people in positions of authority over you whom you believe to be lunatics. How you handle these situations will in part determine how happy you can be. Sometimes you can fight it; sometimes you can persuade the other person of your view; sometimes you just have to live with it; and sometimes it turns out that you’re the lunatic. Feeling powerless over something you care about is one of the toughest situations to encounter, and such situations don’t lessen in adulthood. I remember being surprised in my twenties to discover that adults are basically just like you, only older. As of today, even as you begin the odd cycle of school life and trade in your senior status to become a frosh again, you’re part of the general club of humanity that enjoys certain freedoms while still having to reconcile to limits.

Of course, don’t underestimate the freedom half. Once you’re out from under your parents’ watchful eyes (and I assume even the boarders among you had some form of authority not far away here), you realize that in college or whatever your next stage of life is that you can do whatever you want. By this I don’t mean that you can have anything you want. Rather, you are about to become as free as one can be to make your own decisions without immediate contradiction or discipline from a parent, teacher, or boss. There were many things I loved about college, and among the best was the realization I could have Lucky Charms whenever I felt like it: breakfast, lunch, dinner, midnight snack. That’s and, not or. (You can substitute your own forbidden vice here.) It was like being thrust suddenly into the universe of a Charlie Brown television special, where adults make only the rarest of appearances, and when they do, they blat like foghorns for about ten seconds and then promptly leave.

Well, we can learn something from Charlie Brown, namely the constraint that accompanies seeming freedom. Wikipedia calls him “the great American un-success story.” Despite the absence of adults Charlie Brown remains an existentialist speck, buffeted by forces from an absurd world beyond his control. He reacts to what befalls him rather than seizing the initiative. It’s like the life of a dog: the dog accepts whatever he sees without needing to understand it. People enter and leave the field of vision. Cars drive. Elevator doors close and ten seconds later they open on a new landscape. Life is random, and what we remember of it is quirky.

For example, there was one particularly colorful sixth grade math teacher – perhaps he’s here today – who was mild mannered but for one cardinal (or is it ordinal?) offense. He’d pose a problem and the called-upon student would timidly offer something like: “Six oh four?” Silence. The bad kind. Then: “Ohhh-EW-uh?! OHHHHHH?? OH IS A LETTER! ZERO IS A NUMBER!” with a pound on the blackboard enough to raise chalk dust on the other side of the wall in dear old Mr. McMillan’s English class.

I remember the rule about zero and OH and nothing else from that entire year of mathematics. Little things like this, whether remembered or not, are the dark matter of our universe: invisible but dominating. They comprise the bulk of who and what we are. People weave in and out of your life every day, usually entirely forgettably, and you in theirs. The attendant working the register at Target. The server at the local restaurant. The cell phone addict who sits next to you on a flight. Most of life is a stitching together of these moments of seeming insignificance, of shopping and eating and waiting and being annoyed, a vast expanse of mental prairie that connects the clusters and spires of the life milestone set pieces that we think make us distinct. In today’s words, life is largely Twitter, and I wonder if any of us will remember more than 140 characters from, say, this speech.

The set pieces are the graduations, weddings, funerals, and I suppose statistically speaking for at least one or two of us, the indictments. Those milestones may seem more salient, because by definition they happen rarely and summon more of our attention. Moreover, we aren’t prepared for how to handle them by our own experience; the closest guides we have, oddly enough, are the ways in which they are worked into our popular culture to make it seem less like dull prairie. That’s why there are no bathrooms on the starship Enterprise. Compare how many crises and killings and funerals and first kisses and indictments you’ve seen on TV instead.

The fact is that we can become prisoner both to our regular life scripts, the somnambulant routines we fall into in the day-by-day, and to the melodrama we inherit from Hollywood writers to cover the notable pieces. What Shady Side gave me on the day-by-day was an appreciation of the obtuse, the angular, the colorful byplay that gave me more to remember and that challenged me to establish my own identity when so little seemed within my own control. And what it gave me on the bigger picture was a chance to cultivate a passion, and to see that the world wasn’t just me and those who crossed my field of vision. It was us, a bunch of people trying to make sense of things, whether teacher or student, loser or bully. And these labels aren’t doled out, one to a person. Instead they are fluid roles that each of us take on at one time or another.

To escape the backpack kickers I retreated further into nerd-dom. I was lucky enough to be given time on a school TRS-80 personal computer during free periods. Near the computer was a looseleaf notebook with a series of tutorials about programming. I don’t know where it came from, but it walked me through learning basic computer science. The text was both comprehensive and witty – it anticipated my questions just as I had them. Only when I entered the Senior School did I meet the author of that book – someone who teaches philosophy here as well as computer science, one of so many teachers whose care and patience with students has been transcendent.

My nerdiness took a turn for the social as PCs became networked. I participated in local bulletin board systems and later on CompuServe, a proprietary pay-by-the-hour service with user forums on various topics. Six weeks later my parents got the first charge from CompuServe on their credit card. I had to tell my online friends that I couldn’t afford it anymore – I hadn’t admitted I was only 13 – and I was offered free time in exchange for becoming a “sysop,” a system operator who would help people find answers to their questions, and mediate disputes. Thus I came to explore how online communities could govern themselves even as the basic social structures of high school eluded me.

We have such examples today, magnified that much more by the reach of the Internet, as many of you know and as your parents fear. The underlying fabric of the Internet itself depends on a sense of community. For Internet routing to work – for data to get from point A to point Z – it passes through any number of intermediate locations, each of which moves it one step closer to its destination. How does each location know in which direction to pass a packet of information? There’s a map, not maintained by some central authority, but generated on the fly by each participating way station. It’s as if each of you were alone on a mountaintop, and could only see those who were one peak away. To build the map, you start saying what you see to others nearby: you say to the person on your right, “Here’s what I see to my left.” And you tell the person on your left what you see to your right. They can then tell those near them what they’ve heard from you, and vice versa. Lather, rinse, repeat, and you have the makings of a distributed map, based on gossip. One day the government of Pakistan sought to filter out YouTube from its citizens. It told its Internet Service Providers to block access to YouTube. One small ISP carried out the order by sending a small lie to its subscribers and neighbors: it announced that it was in fact YouTube. Its subscribers’ packets were then drawn there like a magnet, where the ISP could throw them away, since the point was to block YouTube.

But it didn’t stop there. Within a few minutes word had ricocheted around the Internet that YouTube had moved, and if you were here in Pittsburgh trying to reach YouTube, your packets were going to Pakistan and not coming back – and there was nothing that YouTube, one of the most popular Web sites in the world, and its owner Google, the most powerful company in the world, were particularly privileged to do about it. So how was the problem solved? It’s as if the Bat Signal went up, and the call was answered by NANOG, the North American Network Operators Group, an informal mailing list of nerds, some of whom work for various ISPs. NANOG members diagnosed the issue and promulgated a fix. It’s as if your house were to catch on fire. The bad news is that there’s no fire department. The good news is that some of your neighbors promptly come over with garden hoses and put the fire out, expecting neither payment nor recognition for their help. It’s an extremely powerful civic defense system, powered in large part by goodwill. Though I wonder how vulnerable the Internet could be during a major Star Trek convention, when NANOG members are otherwise occupied and no one is minding the store.

Speaking of scifi, consider another example of community governance: the case of Star Wars kid. He took a school video camera borrowed for a class project, put it on a tripod, and demoed some light saber moves using a golf ball retriever. His friends discovered the video and place it online, where it became one of the biggest viral hits of all time. He wanted none of this – in fact, he was utterly mortified by it. No matter; mash-ups and derivatives were made from the original video, including Matrix and Lord of the Rings versions, and he became a laughingstock at school.

A modicum of compassion and respect turned up in an unlikely place. Wikipedia naturally has an article on Star Wars kid. Each article on Wikipedia has a corresponding discussion page, and debate raged about whether to include his name in the account of his humiliation. The Wikipedians argued earnestly and then decided by vote – not unanimous – to leave the name out, and to this day the Wikipedia entry omits it. They’ve since had to address questions like the weight of precedent, so those who disagree with the decision know how soon the issue can be reopened, and how to achieve enforcement – namely by tapping the efforts of even those Wikipedians who disagree with the outcome, but respect the system that produced it. They help keep the project going through challenges small and large. Indeed, at all times Wikipedia is about 45 minutes from utter destruction, such as from spammers who would like to turn every single article into an ad for a Rolex watch. There’s just a thin geeky line of unpaid volunteers who care to save it that keeps it functioning. Again: the Bat Signal goes up, and well-meaning, reasonable people answer it, usually not wearing spandex. It’s been fascinating to watch Wikipedia fashion and institute a form of law, in the best sense of law as an enterprise emanating from people trying to get along and be fair, understanding that they will not always agree.

My view is that Wikipedia and projects like it belong at the heart of a high school and college education. Instead of turning to a handful of approved sources and paraphrasing them to write a ten-page U.S. History paper that will be viewed and graded only by the teacher – who looks at a stack of papers and anticipates the same bad movie, twenty times – you can be asked to demonstrate a sustained and original contribution to a Wikipedia article on an important topic, having to contend with conflicting sources and others’ arguments, learning to discern and then defend truth amidst chaos – and to refine your own view in light of what you discover. There are few things as devastatingly disarming to others as admitting when you’re wrong.

For the world you are entering – really the one you’ve been in all along – is one swimming in received wisdom, accepted uncritically. Too easily we farm out the hard work of knowing whether our society is on a sustainable path to policymakers, experts, or the media. It’s like: Katie Couric will tell us if there’s anything genuinely worth worrying about. But these channels of authority are overwhelmed, dysfunctional, and in some cases outright corrupt.

What will reinforce them, or even take their place, is something you can help build, with tools that even ten years ago were unknown. The key is to move from the reactive, desultory world of Charlie Brown to one in which you appreciate that you are generally at least as empowered as the next person, and to realize the ethical dimension that accompanies the day-by-day as well as the landmark events in life. As my best friend at Shady Side put it, reflecting on what he knows now that he and I had missed in high school, one of the best ways to evaluate your success is the effect you have on a room of people – family or strangers – when you enter. Does it become brighter or darker? That’s something you can choose, even though too often it’s just a script followed without much thought. Enterprises like Wikipedia urge us to ask the same question in our virtual lives, knowing how often they touch real ones.

We are at a time of great uncertainty. The economy is in the tank, after most talking heads told us things were fine. We’re told that global warming will wreak havoc on our planet, and we are the cause. Things went right from “too early to tell” to “too late to do anything about it.” The best among us are afraid of being found out for the frauds we suspect we are, because part of leadership is to exude a confidence and stability that isn’t always truly felt. (The worst among us are Bernie Madoff, who’s just a fraud.)

But you are at a time of great promise. In your immediate future you’ll literally be handed a catalog of humankind’s knowledge and asked to select four or five subjects to study for months at a time. And you’ll have an amazing amount of free time; Shady Side is far more rigorous than college. You can use it to find and pursue your passions, and to greet with joy and mischief new friends and relationships. (On the mischief front, I confess that Jon Beckerman and I were responsible for running the flag lampooning the headmaster up the flagpole and cutting the halyard. It flew for a week, until a bucket truck that said “Bob’s Erections” on the side came to take it down. We also were the ones who dropped a bean down the drain of each of those tiny sinks in the science lab tables. About a week later the stalks came up, and we tied a sign to each faucet that said DO NOT DISTURB – EXPERIMENT IN PROGRESS.)

As you forge and savor the interpersonal connections that make all the difference between simulating a successful life and living one, you’ll be ready to improve the world in the only way that it really ever happens: to answer a Bat Signal that calls to you. I hope without needing spandex.

Congratulations, good luck, and see you on Facebook!

Responses

Feed

Eszter says:

June 8th, 2009 at 9:59 am (#)

Great read, thanks for posting it here!
Susanna Bjorkman Finke says:

June 8th, 2009 at 10:53 am (#)

Fantastic! I wish we’d had such a great and inspiring speech for our commencement. I love your suggestion for replacing the US history paper, btw. That must have been quite a full-circle moment, addressing SSA commencement!
mollyclare says:

June 8th, 2009 at 2:33 pm (#)

AWESOME. Thanks for posting. As one of the nerdiest teachers at SSA, I’ll be reminding my students of it next year at appropriate moments.
Bradley Peacock says:

June 8th, 2009 at 3:12 pm (#)

Well done. Great message.
You brought a flood of memories back, Jon.
Lord of the Flies and chalk dust….fantastic.
Seth Finkelstein says:

June 9th, 2009 at 9:36 am (#)

> “My view is that Wikipedia and projects like it belong at the heart of a high school and college education.”

Noooo … RUN AWAY!

To quote Lore Sjöberg:

http://www.wired.com/software/webservices/commentary/alttext/2006/04/70670

“But why should I contribute to an article? I’m no expert.

That’s fine. The Wikipedia philosophy can be summed up thusly: “Experts are scum.” For some reason people who spend 40 years learning everything they can about, say, the Peloponnesian War — and indeed, advancing the body of human knowledge — get all pissy when their contributions are edited away by Randy in Boise who heard somewhere that sword-wielding skeletons were involved. And they get downright irate when asked politely to engage in discourse with Randy until the sword-skeleton theory can be incorporated into the article without passing judgment.”

Whichever side of that you’re on, it’s not good.
Amanda French says:

June 11th, 2009 at 7:59 am (#)

I disagree (note the polite discourse) with that Lore Sjöberg quotation; I wouldn’t at all characterize the Wikipedia philosophy as “experts are scum.” And while it’s surely true that a lot of experts get “downright irate” about Wikipedia, that’s not necessarily an argument against teaching students about Wikipedia and its model. If only so that they could come up with more reasonable criticisms of Wikipedia than those.

How about this: let’s put, at the heart of high school and college education, the propositional statement that “To be guided or governed by a few experts is better than to be guided or governed by many amateurs.” Investigate and discuss.
Amanda French says:

June 11th, 2009 at 8:12 am (#)

Just a note: here’s an example of a teacher who puts Wikipedia at the heart of his history course: Mills Kelly requires his undergraduate students to “create or substantially edit” a Wikipedia article on history, then track what happens to it. In this course he also used Wikipedia as the textbook — not by any means uncritically. http://edwired.org/?p=126
J M Johnson says:

June 11th, 2009 at 8:59 am (#)

I had a wonderful time reading this. Thank you!
Lee Silverman says:

June 11th, 2009 at 5:31 pm (#)

Well done! This brought back some great memories of my time there. Congratulations on delivering a message that I am certain they were able to relate to on numerous levels, and provided them some humorous and valuable food for thought.
Seth Finkelstein says:

June 11th, 2009 at 10:31 pm (#)

Amanda, during the “Essjay scandal” a very high-ranking Wikipedia editor lied to a _New Yorker_ reporter and claimed to be: ‘a tenured professor of religion at a private university’ with ‘a PhD in theology and a degree in canon law’ … [in fact] he is 24 and holds no advanced degrees, and that he has never taught.”

Co-founder Jimmy Wales stated “I regard it as a pseudonym and I don’t really have a problem with it.”.

I submit – this is NOT the sort of environment one wants to toss students into. Except perhaps from a very cynical perspective of having them deal with intensely toxic dysfunctional politics, and learn that blatant lying is OK if it helps the organization and the boss, and the only sin is to get caught. Now, maybe that’s a helpful lesson for budding lawyers or politicians. But let’s not confuse that with scholarship and intellectual education.
Defend Truth Amidst Chaos « The Progressive Internal Critique says:

June 12th, 2009 at 1:00 am (#)

[...] having to contend with conflicting sources and others’ arguments, learning to discern and then defend truth amidst chaos – and to refine your own view in light of what you discover. There are few things as [...]
Anna says:

June 12th, 2009 at 3:12 am (#)

great speech prof. z!
JRS says:

June 16th, 2009 at 3:31 pm (#)

Thanks so much for posting this terrific speech! Clearly you wrote it for the class of 2009, but you should know that there were plenty of other people in the audience that day (emeritus faculty in particular) who relished your description of SSA lunacy and took enormous satisfaction from what you had to say about the value of committing to a worthwhile cause despite life’s often-frustrating limitations. You did a lot of people a lot of good with this one. Many thanks again and best wishes!
Commencement video :: The Future of the Internet — And How to Stop It says:

June 16th, 2009 at 8:57 pm (#)

[...] (Text available here.) [...]
jessamyn says:

June 17th, 2009 at 6:34 pm (#)

“[T]hroughout life you will encounter people in positions of authority over you whom you believe to be lunatics. How you handle these situations will in part determine how happy you can be.”

It’s so important for young people to hear these words, now more than ever, especially from successful nerds. Thanks for typing this all out, it’s a shot in the arm to read.
A View for Digital Natives (and others) about our Future in the Information Age — DigitallyMark says:

June 18th, 2009 at 8:26 pm (#)

[...] originally saw this commencement address in print. Even though it was offered on the author’s Web site, I have to admit, my first thought was [...]
Linkdump for June 19th at found_drama says:

June 19th, 2009 at 10:03 pm (#)

[...] When the Bat Signal calls at The Future of the Internet — And How to Stop It (via JW): The key is to move from the reactive, desultory world of Charlie Brown to one in which you appreciate that you are generally at least as empowered as the next person, and to realize the ethical dimension that accompanies the day-by-day as well as the landmark events in life. (tagged: humor education inspiration essay ) [...]

Blog

Facebook’s ocean of names becomes a torrent

Nick Bilton over at the NYT Bits Blog has the story of Internet security consultant Ronald Bowes’s recent Facebook caper. Ron noticed that Facebook has a directory of its users, just like the old Bell Telephone White Pages. I agree with Ron’s assessment that this is a very little-noticed feature: normally one searches on Facebook not by looking at a directory, but rather by typing a name into a search box. It’s in plain sight, though, at http://www.facebook.com/directory:

There are two differences that jump out between this awe-inspiring alphabetical listing of all Facebook users and a dog-eared telephone directory. First, Facebook’s directory has a staggering 171 million names in it. Second, in good news for paper prices everywhere given the first difference, the directory is digital — it’s right there, online. And if it’s online, it’s scrapable. Ron, being of the inquisitive engineering sort who can’t help but push a button if he sees one, figured that supply creates demand, and went ahead and scraped the directory.

That means he produced a file on his own hard drive containing more or less the directory’s main contents: for each person listed, a name, the person’s Facebook URL (what one types in to go directly to his or her entry), and unique Facebook ID (not a secret; this is part of a person’s Facebook url). The resulting file is only a few gigs — amazing how cheap storage has become that so much can be roughly the side of an episode of House. Ron then placed it online as a torrent — which means anyone can download the file, and voila, a snapshot of Facebook’s membership as of July 2010.

So, is this a problem? As I’m writing, news is only just breaking, so it’s like that moment when a toddler trips, falls, and then has to think about whether to cry or not. “You’re OK!” is usually what the alert parent encouragingly says — and if the toddler buys it, it’s usually true. In fact, even if the toddler doesn’t buy it, it’s still usually true. In this case, I think I’m with the metaphorical parent. The data that Ron grabbed is precisely what Facebook users have chosen (or perhaps more accurately, passively acquiesced) to share. For those who lock their privacy settings to avoid having a public listing in a Facebook search, they’re not present here. For those who have, they are — along with a click through to their respective Facebook pages however they’ve chosen to share them.

Ron appears a little disquieted by it because of the prospect that the snapshot can live forever more. If you remove your Facebook account or up your privacy settings, that will be reflected in real time in the Facebook directory and search (or at least it should be!). But the torrent file exists forever — so one’s privacy choices are locked into that moment. This is an artifact of having a service — Facebook — converted into a product — a Facebook database — the way that universities used to not just maintain online directories, but also publish bound volumes of their alumni with addresses, for those who opted in. (In fact, many universities still do this; someone should tell them about saving the trees.)

There’s some privacy hit there, but there are also benefits. By making a public directory — and a scrapable one, no less — Facebook gets more inbound links and attention as its members become easier to find. And we benefit by having Facebook’s subscribers’ public pages indexed by the likes of Google and Yahoo! search. In fact, when searching on a person’s name in a regular search engine, quite commonly a Facebook entry is one of the top hits. That seems to me a good thing, and once Google, Yahoo!, and Bing have it, why shouldn’t Ron and anyone else who wants it have it too? Indeed, Ron already did some cool stuff with the data. For example, he crunched it all and came up with a list of Facebook’s most commonly used first and last names, discovering “Michael” and “Smith” coming in at number 1 for each. Congratulations, Michael Smith, you are hidden in plain sight, since a search for you turns up so many others at the same time! (Not so much with “Jonathan Zittrain”…)

Anyway, that’s generativity at work: Facebook makes available a directory on free and open terms, and people do stuff with it, some of which can surprise us. There could be bad surprises, too — Ron and others hint at undesirable data mining — but I’m glad that the gates of Facebook’s gated community have some slats in them, rather than being a solid wall. At most, it seems to highlight the desirability of getting the defaults right: Facebook shouldn’t have people automatically publicly sharing stuff they’d not normally share, without clear markers on what’s about to happen. As Google would say, “Please read this carefully. It’s not the usual yada yada.”

Indeed. There have been so many Facebook privacy mini-scandals that we’re primed for the next, and the involvement of a torrent file adds an element of seeming subversiveness to the mix, given the association of p2p with contraband material. But sometimes when the boy cries wolf it’s just a shadow. I count 8 Yadas in the Facebook directory. And I, along with my cool musician brother Jeff Zittrain, fall in between Aron Zittra and Austin Zittrauer. Until now, who knew? Interesting — but not pitchfork worthy. …JZ

Android kill switch activated & some links of the week

Control over tethered appliances basically comes in two forms: pre-approval of apps and kill switches. As this blog has documented, Apple has had a very heavy hand in screening apps, but — as far as we know — they haven’t ever used the iPhone kill switch. I was a little surprised to find that out, and I wonder why they haven’t used it. Maybe the screening process is keeping out malicious apps, and they’re content to let users keep apps that are merely in bad taste (although they remove them from the app store). Maybe the bad publicity from past kill switch uses — see Amazon and 1984 — has stayed their hand. Or maybe they have removed apps and it just hasn’t been publicized.

Google has taken a different tack with Android: they’ve largely surrendered the power to pre-approve apps, because Android users can always download apps from third-party sources. But they too have a kill switch, and according to the Android developers’ blog post, they decided to use it a few weeks ago. (It’s not totally clear from the blog post, but it sounds like they’ve also used it before on clearly malicious apps.) An app that claimed to offer Twilight photos turned out to be a demonstration, done by researchers, of how easy it would be to create an app that would turn phones into a botnet. The app didn’t actually create the botnet (and it didn’t show Twilight photos, either, so most disappointed downloaders deleted it), and the researchers presented their work at the conference. Nonetheless, after they heard about it, the Android team decided to remotely delete remaining copies of the app as part of a “cleanup” process. Affected users received notifications.

I can see why they wanted to do that. A report documenting Android vulnerabilities was recently released, and it’s caused some hand-wringing over Android’s security. There’s also no sense in leaving a loaded weapon laying around. And I’m glad they told both customers and everyone else that they’d deleted the apps. Still, I do worry about the removal of an app that isn’t actually harming any machines. More generally, I think that if Android is going to stick to the plan to not pre-screen apps and have an open system, they and we are going to have to think seriously — more seriously than Apple has had to — about the ethics of the kill switch. Questions like whether there should there ever be an opt-out, whether users should get refunds, and whether it should be used in cases other than damaging viruses are all still wide open.

And a few quick links:

Leaked MS Presentation Shows App Store Plans For Windows 8. Why all this thinking about app stores and kill switches matters: there are already plans to transfer the app store model from phones to PCs, where the arguments about the virtues and harms of contingent generativity have even more salience.

Google’s mismanagement of the Android Market. Jon Lech Johansen thinks the lack of pre-screening is hurting Google and Android.

Did Apple Flip the iOS Kill Switch on NDrive? Wait, has Apple already used the kill switch?

New zombie code in effect by December. Here’s a totally different option for improving security: let users keep open PCs, but if they become infected, have their ISPs quarantine them or reduce their internet speed to a crawl. That way, users will have to get their computers fixed and can’t keep infecting others. Internet Industry Association CEO Peter Coroneos said of the plan: “I’m sure there are people around that resent having to put new tyres on their car when they’re unroadworthy, or have their breaks done . . . But the reality is that we have argued that internet users have a responsibility not only to themselves, but also to other users on the internet.” The code will be made available to Australian ISPs soon.

One Brown Package: From Seattle to Norway. Why we love the internet in the first place: unexpected avenues for fun, creativity and kindness (here, in the form of people working to get a package from Seattle to Norway). They claim inspiration from JZ’s TED talk on the web on random acts of kindness. The package is currently reported as missing.

—By Elisabeth Oppenheimer

FOI Topics and Links of the Week

iPad security breach. Even closed systems can be vulnerable to exploitation. A group of high-profile iPad owners, including President Obama’s Chief of Staff among 114,000 others, had their email addresses exposed by a web security group. Although it was AT&T’s network that was compromised, Apple is shouldering much of the blame, since it denies iPad customers a choice of carriers and also requires an email address to activate the device. AT&T patched the security hole, but not until after the script used to exploit it was shared with third parties. The FBI is investigating.

Facial recognition and next generation privacy. David Thompson gives an update on the progress of facial recognition software and its implications for privacy 2.0. In addition to describing the revolution in surveillance capabilities that occurs when a person can be identified on any security camera feed or in any of the more than three billion photos on Flickr, he notes that Face.com released an API last month, allowing developers free access to its facial recognition technology and the green light to adapt it for new uses. Here’s hoping the appropriate norms evolve in tandem.

Defamation liability: please fwd. A bankruptcy court in Texas has ruled that forwarding an email link can be considered defamation. The defendant in the case didn’t send a copy of the actual content, just a link to a website. Neither had he written any of the defamatory content on the website. It’s unlikely that the ruling will survive an appeal, since forwarding a link probably doesn’t amount to the required element of “publication” under a traditional interpretation of defamation law. Still, it’s something to think about the next time there’s a link to a juicy tabloid story in your inbox.

Shifting foundations of the App Store. Apple continues to indulge its discretion when it comes to approving iOS apps. This time it pulled an app for being “widget-like,” despite approving three previous versions. The frustrated developer asks “How can a company be prepared to invest into a platform that can change at any time?“

It Gets Worse: Apple Censors a Gay Kiss in Oscar Wilde Comic. In another Apple censorship story, the company appeared to block out a kiss in a comic book because two men were doing the kissing. To be fair, it’s not entirely clear to me from the pictures in the article whether the same-sex kiss was the cause of the blackout, but the author claims that similar opposite-sex scenes have gone unchanged in other comic books. As he says, “the more examples I see of Apple’s capricious censoring, the less funny it is.”

Steve Jobs at D8: Post-PC era is nigh. In the introduction of the book, JZ predicted that Steve Jobs, having launched the PC era, was about to usher it out. Now, Jobs says the same thing. According to him, “PCs are going to be like trucks … they are still going to be around,” but “one out of x people will need them.”

TiVo’s ‘Big Win’ Over Dish On Patents Looking Less And Less Solid, As Patent Office Rejects Patent Claims. Update in the TiVo-EchoStar battle: we may never find out if EchoStar will actually have to remotely kill already-purchased DVRs, because the Federal Circuit is rehearing the original patent claims en banc.

—By Jennifer Halbleib and Elisabeth Oppenheimer

The Internet’s Fort Knox Problem

A few weeks ago Internet security firm McAfee released an update to its Windows PC customers designed to protect them against a newly detected virus threat. Instead, for some, the update destroyed a legitimate, and crucial, system file. Uncountable numbers of PCs – likely hundreds of thousands, even millions – were rendered unusable. The University of Michigan medical school lost the use of 8,000 of 25,000 PCs. State troopers in Kentucky abandoned their cruisers’ mobile PCs and resorted to writing reports by hand. Some hospitals in Rhode Island turned away non-trauma patients from their ERs.

The issue is larger than one firm’s unfortunate misstep. It echoes across the entire Internet. Call it the Fort Knox problem.

Fort Knox represents the ideal of security through centralization: gunships, tanks, and 30,000 soldiers surround a vault containing over $700 billion in American government gold. It’s not a crazy idea for a nation’s bullion; after all, the sole goal is to convincingly hoard it. But Fort Knox is an awful model for Internet security.

Our IT environment has traditionally been immune from many Fort Knox issues, because its architecture has encouraged decentralization. One PC might be compromised, or Web site might fall, but others stand. Bad guys on one side of the spectrum, and well-intentioned regulators on the other, each had to sweat to have an impact on Internet activities.

But the bad guys were clever and industrious. Their digital robots came to costlessly crawl the Web looking for computers and sites to compromise, leveraging their reach. Operators of well-financed Web sites have dealt with rising anxieties about security by spending enormous amounts of money on digital bunkers and backups for their data, while littler ones have hunkered down and simply hoped they wouldn’t be hit.

The public sector has been confused about how to help. Governments know how to maintain and defend their roads and waterways, but have been stymied in cyberspace: so much of it is rightly privatized that there’s no obvious place to station a guard and no way to fill a digital pothole. Worse, since identifying those behind intentional attacks online is exquisitely difficult, the traditional state tools of deterrence and punishment are ineffective.

That’s why we now see centralization under a few major corporate umbrellas under which disparate activities can be gathered. The lures of security, interoperability and economies of scale have propelled much of the Web from a vibrant ecosystem of different, and differently managed, PCs and sites to one where a handful of private Fort Knoxes take responsibility for security.

But we can’t simply put our precious data into a single well-protected vault and peek in every few years. We need to guard our PCs and data, but we also need them to be part of a worldwide network. When we’re not masking our digital trail, we’re eagerly sharing it. If we try to centralize its protection, it’s not a one-time transaction: rather, we need a constant gatekeeper who signs our data in and out every time we want to make use of it. That’s a thread that runs from the McAfee debacle, where millions of people and firms turned the keys to their computers over to a third party to handle, through to cloud-based platforms like Facebook, where the company’s assent is increasingly needed to run unrelated applications on its platform or to log in to unaffiliated Web sites that no longer care to maintain their own digital borders.

If McAfee makes a mistake, many people pay at once. If Facebook’s computers go down or are compromised, thousands of otherwise-independent applications and sites suddenly go down with it. It’s not just our own data and transactions at risk, but our collective memory: the flip side of a centralized defense against bad guys is vulnerability to well-meaning good guys. For example, if the generally laudable Google Books project is a spectacular success, we’ll see libraries give up their moldering, isolated archives of regular books in exchange for PC terminals where patrons can peer at an ephemeral digital copy drawn from Google’s central archive. It makes sense – and no doubt Google has near-impregnable backups – but it’s also an opportunity for a government to intervene in worrisome ways.

For example, if one book in the system contains copyright infringing, or defamatory, or obscene material, those aggrieved can get a court order requiring the infringing pages of the book to be deleted from the central server. This vulnerability affects every book that is distributed and maintained through a centralized platform. Anyone who does not own a physical copy of the book – and a means to search it to verify its integrity – will now lack access to that material. By centralizing (and to be sure, making more efficient) the storage of content, we are building a world in which, as a practical matter, all copies of once-censored books like Candide, The Call of the Wild, and Ulysses could have been permanently destroyed at the time of the censoring, and could not be studied or enjoyed even after subsequent decision-makers lifted the ban.

So what do we do? We have two things going for us that the real Fort Knox doesn’t: we can make copies of our digital gold, and there are lots of us, each with our own stake in security and autonomy.

First, so long as there aren’t undue barriers to extracting our own data from cloud platforms or our own PCs, backups can become more seamless, and made in a variety of ways, making a McAfee misstep or anything like it less costly. Then we have our cake and eat it too. The same principle applies to projects like Google Books, where participating libraries can arrange to securely maintain their own gold copies of Google’s precious trove – kept to compare against others’ copies, so omissions and changes can be detected and appropriately challenged, not leaving Google with the sole burden of holding off government speech regulation.

Second, we need to reinvigorate the Internet’s principle of open, distributed architecture that has sparked so much growth and innovation. Our choices for security aren’t simply among government soldiers, corporate mercenaries, or our own personal barricades – though each has a valuable role to play. Rather, we can reinforce open, shared early warning systems to enumerate and deal with security threats, whether against PCs, Web sites, or Internet connectivity. With a few technical tweaks, we can all further help relay data from Web sites that are under attack, stabilizing their presence. Security shouldn’t have to be purchased like a personal bodyguard. Far more flexible than Fort Knox are people, each with their own pocketed gold and machinery, empowered to look out for one another.

A version of this appeared in the Financial Times on June 3rd, 2010.

FOI Topics and Links

Google launches Government Requests tool. Google is now making public information on the requests it receives from government agents to remove content from its search results or reveal private user data. The Government Requests tool currently displays the number and type of requests by country for the last six months of 2009. In a bit of irony, last week Google disclosed that it had accidentally collected fragments of private user information over unencrypted Wi-Fi networks during drive-by data collection for Google Maps.

Communicating with the e-book mothership. If the latest must-read on Kindle is dotted with typos or has a few pages missing, there’s a good chance Amazon offers a patch to correct the error. It’s a handy Internet-enabled functionality, although one can imagine at the extreme authors continuing to update their work ad infinitum, making it impossible for a reader to say he or she has read an e-book since content is always subject to change. Information flows in the other direction on the Kindle superhighway too, as Amazon apparently keeps track of what readers are highlighting. There’s some creep factor in Amazon knowing what ideas Kindle readers think are important, even if the most highlighted passages are in works as deep as The Lost Symbol. But the information is also so interesting.

The remote control. In April, Sony quietly revised the End User License Agreement that came with the latest PS3 firmware update to allow the company to change how an owner’s console operates in whatever way it wants, no notice or permission required. Now the FCC, at the request of the MPAA, has given cable and satellite providers the right to remotely disable output connections on consumers’ set-top boxes, leading consumers to ask “What did I buy?”

Curated Computing is the new name in town for the experience provided by the tablet non-PC. This particular term is meant to accentuate the “less choice, more relevance” aspects of that experience. It rolls off the tongue more smoothly than “contingently generative” and sounds less regressive than an “appliance,” but it connotes somewhat life aboard the Axiom. However, its proponents suggest that curated computing devices are meant to exist alongside and supplement traditional PCs. Let’s call that a worthy goal and the best of both worlds.

iPhone pillow talk with Steve Jobs. A ValleyWag reporter last week exchanged late-night emails with a defiant Steve Jobs on the iPhone’s ability to give people “freedom from” data theft, battery hogs, and porn. The emails speak for themselves, giving a little insight into Jobs’ perspective on the benefits and aims of the iPhone. He gets a little snarky at the end, but then again it’s 2am when he’s responding, and he never has a chance to clarify his comments, unlike the Gawker reporter.

Android outsells iPhone. During the first quarter of 2010, phones with the Android OS grabbed 28% of the U.S. market share, surpassing iPhone’s 21% (RIM’s Blackberry is still at the top with 36%). Although Android benefited from Verizon’s buy-one-phone-get-one-free promotion and iPhone continues to lead worldwide, it appears Google is getting closer in Apple’s rearview mirror.

McAfee prevents computers from booting up in new virus-protection strategy. Centralizing security software in a few big providers concentrates expertise to solve problems, while also meaning that there are only a few–albeit strong–security systems the bad guys need to breach in order to wreak widespread havoc. But in a previously under-appreciated risk, a flawed update of widely-used antivirus software can cut out the middleman and accomplish the same havoc directly. A McAfee software update mistakenly identified a critical file as a virus and quarantined it, causing computers around the world, many of which automatically install updates, to repeatedly attempt to boot up. One source estimated that 800,000 PCs were affected.

Taking [re-]generativity seriously. A Connecticut mayor donated her kidney to a Facebook friend last month after seeing his desperate status update. The patient’s doctor had suggested that he try publicizing his need through social media, using an online connection to a forge a real-world bond.

About Jonathan Zittrain

Jonathan Zittrain is Professor of Law at Harvard Law School and co-founder of the Berkman Center for Internet and Society at Harvard Law School