parker higgins dot net

Clickwrap privacy isn’t the answer

Two sets of mobile app privacy stories have broken into the mainstream press this month. The first half of the month was dominated by “addressbook-gate”, where Path (and then, it turns out, many other iOS applications) were found to be uploading and storing users’ phone contact lists to their servers.

In the firestorm that followed, many people — including some US Representatives — called on Apple to raise the walls of their garden and address the issue by limiting app access to the address book and notifying users when the application requests access. Apple agreed, and will be introducing those changes in a future version of iOS.

So case closed. Until this last weekend, when the (London) Sunday Times reported that many popular mobile apps, including Facebook for Android, were “reading” user text messages. (Incidentally, the Sunday Times article is behind a paywall, and I haven’t seen a copy of the original article.) Extrapolating from other articles covering the Times “scoop”, it looks like the story is likely about the permissions apps typically request during the installation process.

Apps that overreach in their requested permissions are a bad thing, but they’re not new, and they’re not a smoking gun: developers may have legitimate and non-obvious reasons for requesting certain permissions, and they may require them for reasons that aren’t immediately clear to the end user. Facebook, for its part, denied “reading of user text messages” and explained that the app requires SMS read/write to test an as-yet-unreleased feature.

These two stories follow different arcs, but the second one certainly seems to complicate the first. The clickwrap privacy policy that Apple agreed to require is exactly the sort of permission screen that has been ignored so consistently that a major newspaper decided to publish it as a scoop.

Raising the garden walls is too easy an answer to a hard question. The response to these two privacy stories makes clear that people want their privacy to be respected, which requires effort and resources on the part of the developer. How do we convince developers that those expenses are worth the cost before a PR fiasco about their privacy practices? I don’t know what the solution is, but it’s not expanding clickwrap privacy policies.

The Sutro Baths and Little Brother

I’m a sucker for stories that are tied to places I know. When I first read Cory Doctorow’s Little Brother, I was only glancingly familiar with most of the Bay Area settings for the different scenes. Now I spend time every day in the Mission, where most of the action takes place, and have a much better feel for the character of the location.

One critical scene, though, takes place outside of the Mission in a place called the Sutro Baths. The Baths are way out on the northwestern corner of the peninsula, and Doctorow calls them “San Francisco’s authentic fake Roman ruins”. They were built in 1896 as the world’s largest indoor bathing house, and left to collapse after a 1966 fire destroyed most of the structure. (In Little Brother, Doctorow says the fire was started by the owners to collect insurance money. I don’t know if that’s true.)

In 1897, Thomas Edison recorded two videos of the attraction, which are available through the Library of Congress: one, two. I made this animated gif from one of them.

I saw the play adaptation of the book this weekend, and I was reminded of this cool location that I hadn’t seen before. So I did some research and decided to make a trip out there with my buddy Robb. I took a handful of pictures which don’t really do the location justice.

The ruins are definitely worth seeing. Bring a jacket, though, because it gets very windy in that part of the city. It’s a bit of a trek to get there on public transport, but mostly a straight shot.

What’s the right ratio of creative success?

It’s hard to ignore successes in middleman elimination like Radiohead’s In Rainbows, NiN’s Ghosts I-IV, Louis C.K.’s Shameless and the Double Fine Adventure. But they’re not immune to criticism either. Sure, it works for them — the argument goes — but they’re already famous. And the legacy players have always served (at least) two roles; while the Internet may beat them for distribution, it’s not as good for discovery.

The most ready response to this, I think, is that there are also plenty of examples of the Internet “discovering” artists: Amanda Hocking, the 27-year-old self-publishing millionaire; J.A. Konrath, who turned down a $500,000 contract to self-publish; Jonathan Coulton, one of my favorite musicians, to name a few. Cory Doctorow has said (I can’t track the quote down, unfortunately) that his CC publishing was only dismissed because he was unknown and could afford to experiment until it was dismissed because he was famous and could count on people buying copies.

But that response isn’t the most interesting one to me. What’s interesting is the underlying embedded question: is there an appropriate “yield” we should seek for artists achieving commercial success? What factors influence that number — pursuit of the social good, some kind of commitment to artists, something else entirely? Should the likelihood of success be dependent on commercial viability, or some other quality like “artistic value”?

One thought strikes me immediately while considering the question. The system we’ve had in place until now has been a pretty awful one for discovery. Picking up a guitar, or a video camera, or a paintbrush has never been a “secure” career path, has it? I don’t know how one would quantify what the ratio of aspiring to commercially successful artists was in, say, the second half of the 20th century, but I imagine it’s vanishingly small. Without that quantification, and without settling on an ideal ratio, I think we can say neither which direction things are moving, nor whether it’s the right one.

That (some percentage) of artists and authors deserve to derive a living from the right to copy their work is a relatively new idea, sometimes attributed to Johann Gottlieb Fichte. I like art and creativity, and while I don’t believe it’d go away absent monopolies like copyright — Mozart and Shakespeare, et al, managed to do some pretty good things without it — I’m happy to cede a little common ground to make the lives and livelihood of artists easier.

It’s worth noting, though, that some people (and even some artists) are willing to go further. The filmmaker Francis Ford Coppola gave a great interview last year where he addressed this point: “I’m going to be shot for saying this. But who said art has to cost money? And therefore, who says artists have to make money?” And the aforementioned Jonathan Coulton has made some really thought-provoking comments on the issue:

making money from art is not a human right. It so happens that technological and societal blahbity bloos have conspired to create a situation where selling songs about monkeys and robots is a viable business, but for most of human history people have NOT paid for art. I don’t want this to happen again, and I would be very sad if this came to pass, but it’s not up to me to decide. We are constantly demonstrating through our actions what we believe to be the norms for acquiring and consuming content.

These are hard questions, and I don’t know the answers. But I think they’re worth discussing before we ask new questions on top of them. If we’re going to ask whether the Internet is capable of making enough artists successful we have to first ask how much is enough, what we call successful, and why we’ve made these decisions.

Irrelevance is a far greater threat to gatekeepers than piracy — and they know it

A few weeks ago, I wrote about Paul Carr’s accusation of hypocrisy within the tech community for opposing bad copyright legislation and then also speaking out against plagiarism. His take was wrong, but it wasn’t unusual; it’s all too common for supporters of wrongheaded copyright legislation (like SOPA, PIPA and two decades of more successful proposals) to settle on a characterization of their opponents and then cry foul when those characterizations are not consistent with reality. It’s an example of confirmation bias: favoring information that supports a hypothesis and discarding (or dismissing as hypocritical) information that doesn’t.

The problem is that it’s not very productive to assume that actions which seem internally inconsistent are taken in bad faith. It makes a lot more sense to think of your own model as incomplete, and take in the words and actions of others as feedback to inform it.

In that spirit, I want to dig a little deeper into the motivations of the people who support legislation for expanded copyright laws. Especially in the heat of the debate, when rhetoric is running hot, it’s too easy to assume there’s real malice or profound ignorance. But to do so poisons the conversation and makes progress less likely. Worse, it makes it difficult to predict the next move and to change the conversation.

So what is it that drives the entertainment industry to promote legislation that is so offensive and anti-user it can lead to the biggest online protests in history?

Is it about money? The entertainment lobbyists provide plenty of stats about the money lost to “piracy”, but they know better than anybody that the movie industry is taking in record profits. And while there are problems with ever drawing a direct connection between infringement and lost revenues, the estimated impact of the “piracy” SOPA was addressed at was under $450 million — not pocket change, but not a crippling expense to these corporations.

Is it that these people feel there’s an inherent moral wrong in making a copy of something without authorization? That’s the basis for charges of hypocrisy against Bill Keller, the CEO of Vevo, and of course Lamar Smith, to name some very recent examples. Everybody who reads about these knew they were bound to happen — Cardinal Richelieu’s famous “six lines” quote might as well be updated today to specify copyright violations explicitly.

But more importantly, if their goal were to reduce unauthorized copying, one has to assume they’d be taking the obvious action: making authorized copying easier. Or at least not making it harder. As long as these companies are undermining efforts to reduce piracy, it just doesn’t seem like it’s their goal.

So is their motivation preserving jobs? That’s the implication in Chris Dodd’s infamous and embarrassing quote about politicians not staying bought:

Those who count on quote ‘Hollywood’ for support need to understand that this industry is watching very carefully who’s going to stand up for them when their job is at stake. Don’t ask me to write a check for you when you think your job is at risk and then don’t pay any attention to me when my job is at stake.

All along, the understanding has been that the jobs in question were those of the men and women working on film sets or movie theaters (or, extending the idea beyond its logical bounds, the corn farmers behind the popcorn sales). But if that’s the case, it’s not the perception of the rank-and-file. Look at Wil Wheaton, who responded to Dodd’s quote by pointing out that he has “lost more money to creative accounting, and American workers have lost more jobs to runaway production, than anything associated with what the MPAA calls piracy.”

But the actions of the entertainment industry start to make sense when you realize that the executives are really thinking about their own jobs. The executives driving the agenda of the MPAA are tremendously well paid, and they know why that is: for decades, they’ve been able to function as the gatekeepers between artists and the public. They’ve had “exclusive custody of the master switch”, as Tim Wu quoted former CBS News executive Fred Friendly saying. For the most part, artists have hated this arrangement. But there was no alternative.

Creativity didn’t begin with copyright in 1710, and nobody honestly thinks it will end with the Internet. When these executives see major success stories like Louis C.K. selling hundreds of thousands of copies of his new special by himself, or Double Fine collecting $1 million in a single day of pre-selling an adventure game, or the 10% of Sundance films crowdfunded on Kickstarter this year, they must realize that their catbird seat is in jeopardy.

And you can bet that scares them. They know the Internet is here to stay, and absent legislative intervention, it will continue to disrupt gatekeepers. They probably know that efforts to preserve their outdated function on the Internet, things like maneuvering to control the .music TLD for “accredited” musicians, are Hail Mary passes. Too little, too late.

Echoing Tim O’Reilly a decade ago, the real threat to gatekeepers is not piracy but irrelevance. They’ve gotten comfortable as the solution to a problem that fewer and fewer people have, and now they can see they’re in a bind. It’s not an excuse, but an explanation: they’re pulling out the stops to defend their position, even if it’s against the interests of their customers, and against the long-term interest of the industry itself.

HOWTO: Transfer OTR private keys between Adium and Pidgin

I recently re-installed Ubuntu on my home computer, and wanted to move my office Mac’s Adium OTR key and collected fingerprints over to the new install. I had some trouble, but got it eventually, so I wanted to document the process.

The first step is to make sure you’ve got Pidgin and Pidgin-OTR installed on one computer, and Adium on another.

Adium stores the OTR private key and the fingerprints in

~/Library/Application Support/Adium 2.0/Users/Default/otr.private_key
~/Library/Application Support/Adium 2.0/Users/Default/otr.fingerprints

Pidgin, on GNU/Linux, stores the OTR private key and fingerprints in

~/.purple/otr.private_key
~/.purple/otr.fingerprints

It’s worth noting that neither application stores these keys encrypted. The threat model assumes that if an attacker has access to your Adium 2.0 or .purple folder, you’re already compromised. But that means you have to be extra careful about transferring these files from one computer to another: obviously, sending your key in a cleartext e-mail is not a good idea.

Anyway, harmonizing is just a matter of copying both files from one location to another, and then modifying the key slightly to match the format that each program stores it in. I was disappointed at how poorly documented these formats are, but fortunately the always impressive Guardian Project has gone through and documented each program’s file location and format in order to build a tool to convert files between different IM client formats. The tool’s not done, and so far only converts to their Gibberbot mobile IM client, but the README contains all the information you need.

Adium and Pidgin both use the standard libotr file format, so an Adium to Pidgin key transfer needs only two changes. The name field, which is an integer in the Adium config file, needs to be changed to the actual account name. The protocol field needs to be changed from libpurple-jabber-gtalk (in the case of a GTalk account) to prpl-jabber.

You may need to turn Pidgin’s OTR plugin off and on again, but it should recognize your key, and all of your verified fingerprints should show up as well.
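
The two edits described above, as an added example (not code from this post or from the Guardian Project's tool): a Python script that rewrites the name and protocol fields of a copied Adium otr.private_key and writes the result with owner-only permissions, since the key is stored unencrypted. The function names, the id-to-account mapping you pass in, and the sample key (constructed, with placeholder hex values) are assumptions.

```python
import os
import re

# (name ...) and (protocol ...) atoms of a libotr key file; the value may or
# may not be wrapped in double quotes (assumption: no spaces in the value).
_NAME = re.compile(r'\(name\s+"?([^"\s)]+)"?\s*\)')
_PROTO = re.compile(r'\(protocol\s+"?([^"\s)]+)"?\s*\)')

# Constructed sample in libotr's S-expression layout; the hex values are
# placeholders, not a usable DSA key.
SAMPLE_ADIUM_KEY = """(privkeys
 (account
(name "1")
(protocol libpurple-jabber-gtalk)
(private-key
 (dsa
  (p #00C0FFEE#)
  (q #00BEEF#)
  (g #02#)
  (y #0A#)
  (x #0B#)
  )
 )
 )
)
"""

def adium_to_pidgin(key_text, accounts, protocols):
    """Rewrite only the name and protocol fields; key material is untouched."""
    def fix_name(match):
        adium_id = match.group(1)
        if adium_id not in accounts:
            # Refuse to guess an account name for an unmapped Adium id.
            raise KeyError("no account name supplied for Adium id " + adium_id)
        return '(name "%s")' % accounts[adium_id]

    def fix_proto(match):
        old = match.group(1)
        return "(protocol %s)" % protocols.get(old, old)

    return _PROTO.sub(fix_proto, _NAME.sub(fix_name, key_text))

def write_private(path, text):
    """Write the converted key readable by its owner only (it is unencrypted)."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    os.fchmod(fd, 0o600)  # also tightens a file that already existed
    with os.fdopen(fd, "w") as handle:
        handle.write(text)
```

Call adium_to_pidgin with a mapping such as {"1": "alice@example.com"} and {"libpurple-jabber-gtalk": "prpl-jabber"}, then pass the result to write_private with the ~/.purple/otr.private_key path.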