| I like the way this sounds. Can you say more about the spec?
Doc On Sep 20, 2014, at 1:11 PM, John Wunderlich <
">
> wrote: Doc;
Like you, I think that the better bet (in the real world of available choices) is on the side of the companies that sell hardware and/or services and don't depend on monetizing personal information. But all that does is get us to the word of CRM.
Apple Pay is potentially disruptive because Apple holds so much customer data, including credit cards.
The problem remains architectural. The Internet is based on stateless packets, but assumes that these are communications between established datasets. As communication became frictionless this led to a situation conducive to monopolistic datasets (Facebook, Google, Alibaba, etc).
For VRM to succeed it needs a data equivalent to the TCP/IP protocol. i.e. where the data is encapsulated not with routing information but with access & use information. My view of the open notice initiative and consent receipt it that, while they are being built on existing protocols, they are a way of adding allowable uses and audibility to the traffic flow.
If my data goes into Apple's walled garden with a set of rules attached (I allow these uses, but not those others) it gives Apple clearer direction that it has now and provides me with recourse. We have a preliminary XDI specification for this. With encryption, it does open up a path to your white box/generic phones. In my mind the goal is to exchange and use these data securely via a distributed data set where the nodes are personal data stores and the nexii are not accumulations of data, but are dynamics sets of connections to those stores.
JW
On Saturday, September 20, 2014, Doc Searls <
">
> wrote: This is from a list I'm on: http://bit.ly/1qjFwM0 . Full text below.
Here's Wikipedia on John Gilmore, who wrote it: http://en.wikipedia.org/wiki/John_Gilmore_(activist)
Doc
> From: "Dave Farber via ip" <
')">
>
> Subject: [IP] new wiretap resistance in iOS 8? Why we believe apple
> Date: September 20, 2014 at 7:54:13 AM GMT+1
>
> ---------- Forwarded message ----------
> From: John Gilmore
> Date: Saturday, September 20, 2014
> Subject: Re: [Cryptography] new wiretap resistance in iOS 8?
>
>
> > > Quoting from the new iOS 8 privacy policy announced tonight Wed Sep 17.
> > > > Apple has no way to decrypt iMessage and FaceTime data when itœôòùs in
> > > > transit between devices. So unlike other companie' messaging>
> > > > services, Apple doesnœôòùt scan your communications, and we wouldnœôòùt be
> > > > able to comply with a wiretap order even if we wanted to.
> > > https://www.apple.com/privacy/privacy-built-in/
>
> And why do we believe them?
>
> * Because we can read the source code and the protocol descriptions
> ourselves, and determine just how secure they are?
>
> * Because they're a big company and big companies never lie?
>
> * Because they've implemented it in proprietary binary software,
> and proprietary crypto is always stronger than the company
> claims it to be?
>
> * Because they can't covertly send your device updated software that
> would change all these promises, for a targeted individual, or on
> a mass basis?
>
> * Because you will never agree to upgrade the software on your
> device, ever, no matter how often they send you updates?
>
> * Because this first release of their encryption software has no
> security bugs, so you will never need to upgrade it to retain
> your privacy?
>
> * Because if a future update INSERTS privacy or security bugs, we
> will surely be able to distinguish these updates from future
> updates that FIX privacy or security bugs?
>
> * Because if they change their mind and decide to lessen our privacy
> for their convenience, or by secret government edict, they will
> be sure to let us know?
>
> * Because they have worked hard for years to prevent you from
> upgrading the software that runs on their devices so that YOU can
> choose it and control it instead of them?
>
> * Because the US export control bureacracy would never try to stop
> Apple from selling secure mass market proprietary encryption
> products across the border?
>
> * Because the countries that wouldn't let Blackberry sell phones
> that communicate securely with your own corporate servers,
> will of course let Apple sell whatever high security non-tappable
> devices it wants to?
>
> * Because we're apple fanboys and the company can do no wrong?
>
> * Because they want to help the terrorists win?
>
> * Because NSA made them mad once, therefore they are on the side
> of the public against NSA?
>
> * Because it's always better to wiretap people after you convince
> them that they are perfectly secure, so they'll spill all their
> best secrets?
>
> There must be some other reason, I'm just having trouble thinking of it.
>
> John
To me it's not about belief, but about placing bets. There is much to un-love about Apple, as John points out above. But there is more, in respect to privacy on one's phone, to un-love about other companies, including Google. Of course, that's arguable, and I'll take points from both sides. But I'd rather trust a company I'm paying for services than one that's selling me and my life to other companies, which is what B2B companies in the personalized advertising business do.
My own preference, in the long run, is to have good, easy-to-use white-box (general purpose) phones and tablets that meet John's requirements. But we don't have those yet. (On the tablet front, Omie should be one: <http://customercommons.org/2013/04/25/meet-omie-a-truly-personal-mobile-device/>.)
Meanwhile, Cory Doctorow does a good job unpacking the problem, and the basic conflicts we'll be in for a long time: <http://boingboing.net/2012/08/23/civilwar.html>.
Doc
--
John Wunderlich Fat fingered from a mobile device
Pleez 4give spelling errurz!
|