tommorris.org

Discussing software, the web, politics, sexuality and the unending supply of human stupidity.



You don't need to develop for the Worst Case Scenario

Recently I went to the Indie Tech Summit in Brighton. I’ve been meaning to write something intelligent and incisive and informative and lots of other words beginning with i since then.

And I’ve had a text editor open for most of that time which contains only the following words:

Recently, I attended and spoke at the Indie Tech Summit. The first day consisted of a large number of very condensed talks: all of five minutes or less.

At that point, I stop. In the past, I used to be very good at writing about conferences. But I’m not. I think the main thing is that I’m less in a reporting mode and more in an engaging mode.

One of the issues raised at Indie Tech Summit that I thought was most important was how we handle identity. Or better, how we handle authentication. Identity is an easy problem to solve: you have an = on your keyboard, so you can work out whether two things are identical by comparing them. When we talk about identity, we can mostly just skip all the big philosophical discussions about brains in vats and the persistence conditions of minds, and Parfit’s Reasons and Persons and instead talk about signing into services.

When framed like that, the big scary complex issue of identity becomes the far more soluble problem of authentication. How do I sign on to a website?

Easy. Facebook Connect.

Okay, that isn’t exactly independent. It’s Facebook. They’re ghastly corporate silo bastards who are probably selling you out to the NSA.

So we need something that isn’t Facebook or Twitter or whatever.

Okay, then there are some alternatives. There’s OpenID. There’s Mozilla Persona. There’s now IndieAuth.

Not good enough say cryptogeeks. You need to use Namecoin.

Why use Namecoin and not one of the existing options? Because Namecoin is distributed. Yay! Distributed! It’s not reliant on a central repository—specifically, DNS. There’s problems with DNS. Governments have used DNS to block sites. The original domain for The Pirate Bay was blocked by the US government which led to Peter Sunde calling for a replacement DNS.

Namecoin might be the answer to that. It’s basically Bitcoin but for DNS.

Okay, how does that help me log into a website today? How do I replace Facebook Connect with something open today?

Oh, look, it doesn’t solve that problem.

Yet.

That’s always the answer. It doesn’t solve the problem yet.

Okay, when it does, call me and then we can use it.

Until it does, it’s not a viable solution for authentication on the web. I want to share things. I need to be able to log into do that.

The problem here is there is a reflexive attitude on the part of technical people to imagine the worst case scenario and plan for that. Visa and MasterCard and PayPal shut down payments for Wikileaks, so we should use BitCoin. All of us. Now. Throw away your credit cards, turn all your money into BTC, because the government might get you.

The government shut down The Pirate Bay’s domain. Therefore we can’t trust DNS. So don’t use DNS. Use Namecoin.

This kind of attitude makes the perfect the enemy of the good. Worse, it makes future hypotheticals the enemy of the already useable.

This is exactly what is refreshing about IndieWebCamp. Look at the Principles we’ve got:

We’re much more likely to advance the state of the art by encouraging everyone to build what works for them

Namecoin or some other magical technology doesn’t work for anyone at the moment. I can’t send you an email to a Namecoin .bit domain. You can’t sign onto a website with a Namecoin ID.

Hell, to register a Namecoin, the main site I found recommended by people requires me to login with an OpenID. This amazing distributed identity system requires me to log in with an existing distributed identity system.

The indie web is trying to build a more compelling way of doing the ordinary, every day things we do on the web: posting, sharing and so on. We’re not optimising for Julian Assange or Peter Sunde, we’re optimising for us. Now, if I were running Wikileaks or The Pirate Bay, my issues would be different than as someone who wants to share grumbly rants and mediocre jokes and vaguely interesting links.

Facebook and Twitter aren’t designing for the worst case scenario: they are designing for normal people.

If I told my parents that to see the photos I’ve taken on holiday, they need to buy some cryptocurrency and then set up a distributed identity on a blockchain and then modify their DNS settings so that .bit domains resolve to the right place, they’ll find the politest way of telling me to go fuck myself and why can’t I just post them on Facebook like a normal person.

I’m not saying people shouldn’t develop things like Namecoin. Go for it. DNS needs decentralising at some point. But saying Namecoin is an answer now shows you are an idiot who has no idea what the use cases of actual living breathing human beings are.

Worst Case Scenario thinking is a good trait for engineers to have. We need more people to think of all the bad things that could go wrong. But… you can’t design around the worst case. You have to make a tradeoff.

If the cost of fixing the worst case scenario is to make the system either unusable or nonexistent, that’s too high a price to pay. And that’s what saying “oh, let’s just use Namecoin” is. It’s failing to grasp the success conditions of building this kind of technology. The success condition is it replaces the existing corporate-silo-based solution with something that you and other people can actually use. In IndieWeb land, we talk about this in terms of the IndieMark—it’s not all or nothing. You can move further along the path towards success. That’s anathema to this kind of Worst Case Scenario thinking because unless you solve the Worst Case Scenario, you’ve failed.

The nice thing about the indie web movement is if all this Namecoin, distributed, private magical stuff that people have been promising happens… great. We can drop it in, retrofit it to what we’re already doing on the web. If it doesn’t happen, we still get what we have now—basically, the first inklings of an alternative to sites like Twitter and Facebook. We tried stopping everything and then rewriting it all from scratch with XHTML2 and that worked out great.

The moral of this rant is simple: be aware of the Worst Case scenarios, but don’t treat them as the highest priority things to solve because they aren’t. More important, don’t wait around forever for the magic bullet that will fix everything because it probably won’t happen. Build shit now with things that work now.



John Browne's The Glass Closet: a review

I have just been reading Lord Browne’s book The Glass Closet, a very interesting book about being gay in business, and the importance of diversity and more importantly acceptance of difference in business. Browne has a stake in this particular topic: he resigned as CEO of BP after the Mail on Sunday published an article by his former male lover who “kissed and told” on Browne. Browne’s downfall was a product of the closet: in order to cover up for the fact that he had met the gentleman through a rather sleazy ‘rent boy’ website, he claimed to have met him in the park instead. The fact that this story was false was a fairly minor detail that ended up leaving him vulnerable to attack by the media and the court system. The closet Browne had built for himself came crumbling down thanks to a lurid scandal in a Sunday tabloid, and with it a corporate career that the same hacks would likely describe as “meteoric”.

And now a few years later, Browne is writing and campaigning for business to be more inclusive of minorities by making an economic case for the value to businesses of building open and welcoming environments for people of all backgrounds. In The Glass Closet, Browne talks to both out and closeted LGBT people in business as well as professionals in politics, sports and media. Browne’s message is convincing: 36% of gay people are not out at work. Coming out reduces stress and improves productivity—the energy focussed on hiding parts of who we are could be better spent on being creative and innovative at work.

In addition, we live in an era that places great value on authenticity: sharing our whole selves makes us more authentic and thus more trustworthy and more human to colleagues, clients and others.

Building organisations that are welcoming to LGBT people also makes it so that members of other minority groups feel welcome: Browne tells the story of how a company was promoting itself at an equality fair as being open to LGBT people, and lots of young Asian women were picking up the leaflets. Upon inquiry, it turns out that most were not themselves LGBT, but had worked out that if a company had gotten their collective heads around being welcoming to LGBT people, they would probably be have gotten over the hurdles necessary to be welcoming to an Asian woman. In sectors where finding talent is hard, explicit diversity and inclusion policies can mean the difference between getting the best people and not.

On the topic of whether and how to come out at work, Browne gives extensive personal testimony from a wide range of people in business and leans strongly on the side of “yes”. It’s not risk-free, but it’s less risky than some think. Remaining closeted is not risk-free either, it’s just that the cost is not always apparent. Being out does not necessarily mean being “aggressively” out—simply not lying if asked is an excellent middle ground between being a firebrand activist and a closet case.

As someone who has a good thirty of forty years ahead of him inside more or less dysfunctional corporate environments, I’m all for being out (and I am out at work), and I’m all for corporate leadership creating environments for people to be out. To that end, Lord Browne’s intervention in this discussion is valuable. But there’s still a nagging feeling that there are more important issues than whether gay people can get on inside the corporate world.

In the United States, young homeless people are much more likely to be LGBT than the wider population. Young LGBT people are still at greater risk of suicide, self-harm and mental illness. Young LGBT people face the risks of sexual violence, and especially in specific communities, trans people face a risk of combined sexual violence and murder. Schools are still not doing enough to quell homophobic bullying: the government’s continued fetish for “faith” schools only means more LGBT kids being picked on and bullied with the literal blessing of the combined religious and educational authority of their school.

The radical queer critique has a lot of merit here. The business world has issues of its own that can’t be solved just by getting more gays through the door. The malfeasance that led to the collapse of companies like Enron and WorldCom, the casino-like operation of markets in everything from technology startups (sorry, “disruption”) to even world food speculation, and the continued ludicrous control the banking sector has over such enormous amounts of our economy and society. Recently, Barclays were the main sponsor London’s pride parade. This would be the same Barclays that loaned money to both Mugabe’s government and to the apartheid government in South Africa, was recently fined £290 million for manipulating the LIBOR rate, is currently being sued by the state of New York for running a ”dark pool” to enable investors to do off-the-books stock trading, and is being investigated by Britain’s Serious Fraud Office and the Financial Services Authority as well as the US Department of Justice and the Securities and Exchange Commission for their business dealings in Qatar.1 We need to fight back against a world where a small handful of rich banking executives are kings of the universe, rather than just hope they employ a few queens too.

It’s great that the conversation is happening about people being out at work, just as it is great that we’re having professional athletes being out at the start of their career. It’d be nice if we could have more conversations about how we help the “least of these” in the LGBT community, rather than the comparatively well-off people who are climbing the corporate ladder (whether in football boots or well-polished Oxfords). I’ve got friends who are struggling with the stigma of mental illness, with racism, with sexual assault and familial abuse on top of being LGBT and their lives are unimaginably harder than either my life or the life of someone like Lord Browne, but they somehow manage to soldier on. For people at the bottom of society, the trials and tribulations of closeted gay executives of multinationals may as well be taking place on Middle Earth for all the relevance it has to their day-to-day lives. It’d be really awesome if we could collectively make sure their stories were told too.

If you are detecting a little cynicism here, well, congratulations Sherlock: I am fairly cynical. So cynical in fact I may be asking too much of Browne’s book. A book written by a business leader makes the sort of case that other business leaders will be receptive to. That’s Browne’s pitch: diversity and acceptance means happier and more contented employees, which means more productivity, less staff turnover and ultimately is good for business. Browne sells that case well. In addition to his own story, he also includes a wide range of testimonials from people at all stages of both their career and their journey out of the closet describing the issues they have or—even better—have not had to face, somewhat to their surprise.

  1. And despite all this, I still use them because pretty much every other major UK bank also stinks.


Work in marketing? Thinking that a selfie-based social media campaign is a good idea. This Tumblr should help stop you in your tracks.

Unless you are an idiot, in which case you’ll carry on regardless.






The strangest Facebook advert I have ever seen

Over on the IndieWebCamp wiki, we’ve been documenting some of the ghastly things about Facebook and I needed to post this one on my own site for the permanent public record.

Facebook lets advertisers target ads pretty narrowly. That’s one of the key things that draw people to Facebook as an advertising platform. You can target based on all sorts of things: age, gender, location, relationship status, sexual orientation, educational background, employment history, work sector, political affiliations, interests, their parent’s demographics, whether they play video games, whether they have travelled recently and the type of mobile phone they use. And plenty of other things.

I did not manage to screenshot this particular ad that I saw a while back, but here is a rough approximation of the copy:

Meet hot finance studs

Study full-time or part-time for an MBA at name of business school.

The ad was accompanied by a picture of a couple of young men without shirts on.

This ad was served up to me on the basis of gender (man), sexual orientation (gay), educational background (have a degree), location (London), age (20 something) and work background (just finished university, just starting out in the world of work).

And as an advert for the business school in question, it is a pretty terrible advert, for fairly obvious reasons. Can you imagine applying for a postgraduate professional degree programme and actually being honest about why you are applying? “Well, I have a passion for international business management and I also saw some hot shirtless blokes in an ad on Facebook.”

It was probably some “forward-thinking” and “disruptive” digital media agency who thought “oh, yeah, let’s split up our target audience into 500 little chunks, then microtarget them”. And the management of the business school were so baffled by the spiffy social media marketing geniuses that they just ran with it even though “hot finance studs” probably isn’t exactly the copy I ought to be associating with a serious business school.

Of course, I may just be old fashioned and prudish in thinking that the way one advertises an institution of higher education ought to be slightly more refined than the way one advertises a Soho bathhouse.

The future is here and I can’t decide whether it is actually a full-on Orwellian dystopia or a strange hallucinogenic dream we shall all wake up from shortly and say “that was odd”. Or perhaps some mixture of the two.




CoffeeScript: the strange belief that applying enough layers of lipstick to a pig will suddenly turn it into Haskell.



Aiaiai TMA-1 DJ review: lovely sound, atrocious product

Last November, I bought a pair of Aiaiai TMA-1 DJ headphones on the advice of a colleague. I borrowed his for a day and loved the sound, and he told me he’d had a reasonably good experience with them.

I bought some the next day from the Apple Store in Regent Street.

Let me outline the good points of these headphones: they look nice, they are reasonably comfortable and they sound nice. The visual design of the headphones is a soft matte and modern black, kept completely unbranded. Given how every other pair of headphones I see is garishly designed—either in obnoxious colours, or in an obnoxiously hipsterish retro style, I was quite pleased with the design. More importantly, the sound is excellent. It matched up with the quality I got from a fairly good hi-fi system. I have found no cause for complaint in the quality of the sound.

I work in an open plan office—like every other unfortunate office worker in the Western world, it seems—and I need headphones that block out the colossal quantities of noise that bounce around the stark, white echo chamber. My headphones are on at least 8 hours a day, 5 days a week. The TMA-1 comes with both leather and vinyl ear cushions—I ended up going with the leather ones and they were reasonably comfortable. Not the most comfortable headphones I’ve ever worn, but far from the worst.

That, alas, is it. Everything else about these headphones has been a catastrophic disaster. I bought them at the end of November. Within a month, the headband had snapped. I am not a sadistic headphone torturer. A product built for a “DJ” market should hopefully be able to stand up to far greater punishment than that given out by an office drone sitting in the same place writing code.

I nipped back to the Apple Store and had them replaced. Another month or so ensues, and they break again. This time I make the mistake of attempting to contact the manufacturer for support. I send in a cameraphone snap of the broken headband, and after some dallying around in email back-and-forth, they send a replacement set. In the email I sent them, I requested they send them to my office address. They send them to my home address.

In the meantime, I ended up buying a spare pair of fairly cheap Skullcandy headphones. They are plastic, flimsy and the sound reproduction is not nearly as good as the TMA-1s. Since buying them, I seem to have spent more time with the spare headphones on than I have with the TMA-1s.

A couple of weeks after the replacement headphones arrive, the cable stops working. The manufacturer do not have the ability to replace the cable which has the inline iPhone control. At this point, I’m feeling lazy. I go to Aiaiai’s web shop and order a new cable and pay the princely sum of €20 + tax + shipping on them. And then I wait. Ten business days later, I realise the cable still hasn’t turned up. I contact them, and they tell me that DHL had not managed to deliver them because they couldn’t find my house. (I live in off the beaten track out in that secluded backwoods known as Westminster.) I tell them to try delivering them to my work. And then I wait some more. Eventually the cable turns up.

That was about two weeks ago. Today, I leave the house to do some errands. I am putting the headphones back on my head as I’m leaving a shop and the headband breaks again.

My patience snaps. I get on the Tube and go immediately to the Apple Store, explain all this, tell them that the headphones are not of merchantable quality as they are not fit for basic operation, and that I would like a full refund under the Sale of Goods Act 1979.

A bit of bureaucracy and these blasted headphones are finally out of my life. I strongly recommend not buying anything Aiaiai produces. If I were an estate agent tasked with selling the TMA-1s, I would call them “delicate”. What they actually are is flimsy.

Flimsy, £169.95 and require me to spend a lot of time getting them fixed? No way.

An adapted copy of this review has been published on Amazon.co.uk.


Size does matter, and if you think it doesn't, you should be ashamed

I just checked in Firefox’s web inspector and an article from one of the major UK newspapers I was reading in one of my open tabs had to download 4,162KB of data. Of that, 2,058 KB is JavaScript.

The cartridge/ROM for Sonic 3 for the Sega Genesis/Mega Drive is 2.1MB of data.

I download roughly the same amount of JavaScript to read a bloody news article as one of the most popular games from the 16-bit era for the entire game—the graphics, music and sound files, logic and so on.

If you work in the technology industry and you think this is in any way normal or acceptable, please leave by the nearest exit. This is moronic.

Every day, countless petabytes of bandwidth are spent downloading completely unnecessary libraries and frameworks and front-end doodads. It slows the page loading, it uses up memory on people’s computers. It is a waste of electricity and bandwidth, and it is a tax on the sanity of developers to maintain these gigantic piles of unnecessary complexity.




I just experienced a scene of casual homophobia… in a lift in a hotel in Brighton. It’s too profoundly odd to even begin to describe. I’m not hurt or offended, just very, very confused.

Just a small hint: if you are going to tell homophobic jokes, you are unlikely to find an appreciative audience in Brighton—Britain’s “gay capital”, just as you are unlikely to find an appreciative audience for your sexist jokes at a dinner party with Germaine Greer.

Absolutely surreal.


Pernille Tranberg: “I’m ten years younger on Facebook. And I’m a lesbian on Facebook. And I live in Asia.”