Desert of My Real Life | Technology, Society and Me

{February 4, 2011} Facebook Security

Robin pointed out an article about Facebook security today that made me think about some things that everyone who browses the web should know about but which the article unfortunately neglects to discuss. The article is about the fact that, until today, Facebook has been available only through the hypertext transfer protocol (“HTTP”) and not through the encrypted hypertext transfer protocol secure (“HTTPS”). That sounds a bit technical and boring but if you ever use Facebook on an open wireless network (in a cybercafe, for example), you probably want to pay attention to this particular issue. If you don’t care about the details of how this works, at least read the next to the last paragraph where I explain all the steps (including one not mentioned in the orginal article) to keep yourself secure when using Facebook.

When you use your browser (Internet Explorer or Firefox are two of many, many examples) to browse the web, you are making connections from your computer to computers all over the world. That is, when you put an address in the address box or you click a link on a page, you are sending a message from your computer to a computer out on the Internet, requesting some sort of service. These computers all over the Internet come from many different hardware manufacturers and run many different operating systems. To make sure that your computer can communciate with that computer out on the Internet, your browser must specify the protocol to use. A protocol is simply a set of rules that specify a kind of language that the two computers agree to communicate in. HTTP is one of these sets of rules while HTTPS is a different set of rules. The difference between these two protocols has to do with security. If your computer communicates using HTTP, every request for service is sent as plain text which means that if someone can listen to your request (by grabbing your messages from the wireless network, for example), that request can be read. If, on the other hand, your computer communicates using HTTPS, your request is encrypted which means that someone listening to your request (other than the computer that you’re making the request of) will hear jibberish.

What do protocols have to do with you and Facebook? Up until today, Facebook has only allowed communication to occur in plain text. So if someone on the same wireless network as you listened in on your communication with the Facebook computers, they would be able to read everything that you sent, including your username and password. So anytime you used a wireless network in a cybercafe to check your Facebook account, anyone else within that cafe (who had a bit of technical skill) would be able to capture your username and password. This vulnerability is not something unusual within computing circles. And the fact that Facebook has ignored it until now is pretty unconscionable. A Seattle programmer named Eric Butler decided to push the issue and created a browser extension called Firesheep that made it extremely easy for anyone to capture HTTP messages on public networks. In response, Facebook has finally allowed HTTPS (encrypted) communication to its computers.

There are two things you need to do in order to use Facebook securely. First, you need to change your account settings within Facebook. The original article that Robin posted explains how to do this. Go to Account Settings (under the Account menu in the upper right corner) and scroll down the third to the last item in the list, which is called Account Security. Choose change and check the box that says “Browse Facebook on a secure connection (https) whenever possible.” But it is really important that you also take a second step in order to be secure when you are browsing on an open network. Up until today, whenever any of us has started to communicate with Facebook’s computers, we have typed in (or clicked a link to) the following address: http://www.facebook.com Notice the letters before the colon–HTTP. We begin our communication with Facebook’s computers in an insecure way. We then enter our usernames and passwords in an insecure way. When Facebook then realizes that this is an account that has requested secure communication, it changes the way the two computers communicate with each to HTTPS. The problem is that we have already sent our username and password in an insecure way. So the second step you have to take is that when you type in Facebook’s address, you MUST type: https://www.facebook.com so that the communication begins securely. This second step is the one that the original article neglects to mention.

I set up my account to communicate securely with Facebook whenever possible. Unfortunately, many applications on Facebook cannot use a secure connection. That is, every time I play Scrabble or Go, for example, I have to change to an insecure connection. So for now, I’m leaving my settings so that I communicate via HTTP rather than HTTPS. I guess I’ll just have to remember to change my security settings before I leave home to use any computer (including my own) on an open public network. That’s my only option because I’m definitely not going to stop playing my games.

{February 2, 2011} iTunes Annoyance

I bought a 3rd generation iPod Touch awhile ago and have been an enthusiastic supporter of Apple’s various music players ever since. I had owned another brand of mp3 player previously but when I made the switch to the iPod, I gained the convenience of the iTunes store. I think that is one of the main reasons that Apple has maintained their lead in this crowded market. I spent a few months on a conversion project, ripping all of my CDs so that my iTunes library now contains all of my music. I subscribe to several podcasts. I have created a bunch of playlists. I have purchased a bunch of music and applications from iTunes. I love my iPod and use it all the time, for all kinds of things.

I just got a new laptop. And here’s where I have encountered my first annoyance with the way that iTunes works. What I would have liked to do is simple. I wanted to install iTunes on my new laptop, plug my iPod into the new laptop and have my entire library downloaded from the iPod to the new laptop via iTunes sync function. Sounds simple and seems intuitive that that’s the way iTunes would work. To my surprise, I discovered that this is NOT the way iTunes works.

I downloaded iTunes onto the new laptop without incident. I authorized my new computer to access my iTunes library and discovered that each library can have as many as five computers authorized to use it at any given moment. Not a problem since I only have two. I made sure that my new, blank iTunes library would not overwrite the library on my iPod and started the sync process. When it was complete, I noticed that hardly any of my music had been transferred and none of my playlists, applications or podcasts had been transferred. When I looked more closely, I realized the only things that had been transferred were the songs that I had purchased from the iTunes store. None of the music I had ripped from my CDs had been transferred to the new laptop. Thinking I had done something wrong, I checked all of the options and settings available and tried syncing again. No additional items were transferred.

I then searched for a solution and was shocked to discover that what I wanted to do is something that is not easy to do. The best article I read on the topic is a bit arcane but the gist of it is that Apple has decided that the relationship between your iPod Touch and your computer is primarily a one-way relationship. It’s easy to get media files from your computer to your iPod but much more difficult to get media files from your iPod to your computer. The only exception to that “rule” is a media file that you purchased from the iTunes store.

One theory about why Apple has made this non-user-centered choice is that they are trying to appease their corporate partners concerning copyright issues. That may be the reason but why then would they have made it easy to transfer your iTunes store purchases? In any case, this should not be as difficult as it is proving to be. One of the things I tried was to use the iTunes software to make a backup of my library on my external hard drive and then import that backup to my library on my new computer. But when I tried this option within the software, it would only let me make a backup to a CD or DVD. I could not choose where I wanted to store that backup–it had to be stored on a disk in my DVD drive. This would require many, many CDs or DVDs and so I think people are unlikely to really choose this option for backing up their libraries.

My latest attempt (one that I am in the middle of) is to go outside of the iTunes software to use Windows to copy the iTunes folder from my old C: drive to my external drive and then from my external drive to my new computer’s C: drive. I fear this might not work because of a number of issues that I’ve read about. If it doesn’t, the articles that I’ve read suggest that I should purchase one of several pieces of software that have been written by third party vendors to help out people in my situation.

I am very annoyed with Apple at the moment. This task is a common, reasonable task to want to accomplish. The choice that they have made here does little to thwart piracy but instead wastes the time of a lot of their honest customers. Come on, Apple. You can do better than this.

{January 26, 2011} No Posts

I have been sick for about 10 days. With what started out as a cold. It still amazes me that, with all our sophisticated technology, we cannot figure out how to cure the common cold. And then for me, the common cold typically turns into a sinus infection. I am allergic to many of our modern antibiotics (including penicillin) and so I really try not to take antibiotics for sinus infections. I have an arsenal that I employ against sinus infections but it sometimes take longer than otherwise to get rid of them. I say all of this to explain why I have not yet posted this year (which of course is 26 days old). I assure you that I have several posts in the works and will post them very soon now. Stay tuned.

{December 27, 2010} Popular Culture and TIA

I just finished watching the five episodes of the BBC miniseries The Last Enemy. Ann had recommended it because it is about computers and privacy and also because Benedict Cumberbatch (of recent Sherlock Holmes fame) is the star. I mostly liked the series but there were a couple of things that really bothered me about it.

The plot begins when Stephen Ezard (played by Cumberbatch) returns home to England after living in China for four years. He’s coming home to attend the funeral of his brother Michael, an aid worker who was killed in a mine explosion in some Middle Eastern desert. Ezard is a mathematical genius who went to China to be able to work without all the distractions of life in England. He is a germaphobe (at least in the first episode–that particular personality trait disappears once the plot no longer needs it) who is horrified by the SARS-like infections that seem to be running rampant on the plane and throughout London. After his brother’s funeral, Stephen goes to Michael’s apartment and discovers that Michael was married to a woman who was not at the funeral and who appears to be in hiding. She’s a doctor who is taking care of a woman who is dying from some SARS-like infection–and that woman is in Michael’s apartment. Despite his germaphobia, Stephen immediately has sex (in this germ-infected apartment) with his brother’s widow.

Meanwhile, Stephen’s ex-girlfriend is an MP who is trying to push through legislation that would allow the use of a program called Total Information Awareness (TIA). TIA is already largely in place but the people of England are not happy about it. So Ezard is recruited as a “famous” apolitical mathematician who will look at the program and sell it to the public. What is TIA? It’s a big database that collects all kinds of electronic information. Every credit card purchase, building entry with an id card, video from street cameras, and so on is stored in this database. The idea is that by sifting through this information, looking for certain patterns, English authorities will be able to find terrorists before they strike. The interesting thing about this idea is that it isn’t fiction. In 2002, the US government created the Information Awareness Office in an attempt to create a TIA system. The project was defunded in 2003 because of the public outcry. At the time, I was concerned about the project both as a citizen with rights that would potentially be threatened and as a computer scientist critical of the idea that we could actually find the patterns necessary to stop terrorism.

This is where the plot of The Last Enemy became problematic for me. Michael’s widow, Yassim, who is now Stephen’s lover, disappears. Stephen takes the job as spokesperson for TIA primarily so he’ll have access to a system that will allow him to track Yassim. We see many scenes of him sitting for hours and hours wading through data with the help of the TIA computer system. At one point, he tracks the car that Yassim had been riding in by looking for video footage taken by street surveillance cameras and finding the license plate of the car in the video. This is completely unrealistic and one of the main reasons that, with our current technology, a TIA system will never work. We don’t yet have the tools to wade through the massive amounts of irrelevant data to find only the data we’re interested in. And when that data comes in the form of photos or video, we don’t really have quick, efficient electronic means of searching the visual data for useful information. Since so much of the plot of The Last Enemy hinges on Stephen finding these “needles in a haystack” in a timely manner, I had a difficult time suspending my disbelief. The problem is that it is very difficult to find relevant information in the midst of huge amounts of irrelevant information. Making this kind of meaning is one of the open problems of current information technology research.

The second major problem that I had with the plot of this series has to do with Stephen as a brilliant mathematician and computer expert not understanding that his electronic tracks within the system would be easy to follow. He makes no attempt to cover those tracks and so as soon as he logs off, his pursuers log on behind him and look at everything he looked at. And many major plot points hinge on his pursuers knowing what he knows. He doesn’t even take minimal steps to cover his tracks and then he seems surprised that others have followed him. This is completely unrealistic if he really is the brilliant computer expert he would need to be in order for the government to hire him in this capacity.

I won’t ruin the surprises of the rest of the plot of this series. But let’s say that much of the premise seems pretty realistic to me, like we’re not too far off from some of these issues coming up for consideration soon. For that reason, I recommend the series, despite the problems I saw and despite the unbelievable melodrama that arises as a result of Stephen’s relationship with his brother’s widow. There is a particularly laughable scene between the two of them when she tries to teach him how to draw blood by allowing him to practice on her. It’s supposed to be erotic, which is weird enough given the danger they’re in at that point, but the dialog is so bad that I laughed out loud. Despite these problems, the series explores enough interesting questions that I kept watching, wanting to know how the ethical questions would be resolved.

{December 26, 2010} More About Net Neutrality

This entry was inspired by Meg, who asked some great questions after I posted my last entry. In that entry, I explained what the net neutrality debate is about and why consumers should care about the FCC’s recent ruling requiring that traditional ISPs cannot discriminate the traffic that they carry over their wires. This is a good thing for consumers (IMHO). Near the end of the post, I also suggested that the ruling didn’t go far enough because it didn’t apply the same rules to wireless providers. I didn’t explain what I meant by that and so Meg asked some great questions. So here’s a further investigation of the FCC ruling, as it applies to wireless providers.

An article from Wired summarizes the three rules that the FCC passed for wired ISPs: 1. They must be “transparent about how they handle network congestion”; cannot block any particular traffic on wired networks, and cannot “unreasonably” discriminate on those networks. This last rule means that the speed of data transmission must be the same regardless of the source of that data. So Time Warner (as an ISP) cannot make your connection slower to Netflix‘s online video service than the connection to Time Warner‘s own online video service (if they had one).

Despite these consumer protections, the ruling is being thrashed because it does not apply these rules to wireless providers of Internet access. What does that mean? It means that if you access the Internet on your phone, your phone company can charge you different rates to access different sites. If Facebook is particularly popular, for example, your phone company can charge you more to access it than it charges to access MySpace. Or worse, if your phone company creates their own social networking site, they can charge you more to access all competitors’ sites than they do to access the more well-known sites. Or even worse yet, they can prevent you from using their wireless network to access the competitors’ sites at all. This is clearly not in the best interest of consumers. It’s also not in the best interest of innovation since most innovation does not come from the biggest companies and small companies could get squeezed out if no one is able to access their sites.

Right now, these (non)rules concerning wireless providers apply mostly to cell phone companies who provide Internet access. Most other access is wired access. Even when we have wireless networks in our homes and places of work, we have wired access that comes into the building and then we have a local wireless network set up. So the ISP isn’t providing the Internet access wirelessly. And so they would be governed by the stricter rules imposed by the FCC ruling. But that may not always be the case. In the future, more and more ISPs may figure out ways to effectively and efficiently provide wireless access into our homes and businesses. And if that happens, those new networks will be governed by the softer rules. This seems short-sighted to me. And it seems like it happens because the folks on the FCC are not tech people and so don’t really understand what is different and what is the same about different kinds of technology. Let’s hope that changes.

{December 21, 2010} Net Neutrality and Why You Should Care

The debate about net neutrality has been around for a while. I taught my students about it back when I was still in the Computer Science Department, during the Bush administration. Today, finally, we’ve gotten a ruling from the Federal Communications Commission about this “controversial” subject. But to understand the FCC ruling, we first have to understand the debate. And that means that we have to understand what the Internet actually is.

So, what is the debate? It’s about your access to the Internet. The Internet was founded as a decentralized network of computers. That’s right. The Internet is a network of computers. Each of these computers provides some service. So when you connect to the “Internet,” you are connecting to a bunch of computers. And you ask those computers to provide you with some sort of service. Like viewing a web page. Or looking at your email. Or listening to music. Or watching a movie. Each of these services involves sending your computer data in the form of a bunch of zeroes and ones that your computer then translates into something that you (as a human) recognize. Some of these services involve a few zeroes and ones while others involve MANY zeroes and ones. The Internet was founded on the idea that zeroes and ones are zeroes and ones. That is, we should not make any distinction between THIS set of zeroes and ones and THAT set of zeroes and ones. That’s the idea of net neutrality.

How does this relate to you and your everyday, online life? It means that when you use your Internet Service Provider (Time Warner Cable or Netzero or Verizon or whoever) to connect to Google (or Microsoft or LL Bean or YouTube or Hulu whoever), the zeroes and ones are not discriminated. All zeroes and ones are treated equally. So, for example, Time Warner cannot make a deal with Microsoft to make Bing (Microsoft’s search engine) run faster than Google (Bing’s direct competitor). And Time Warner cannot make a deal with Microsoft to charge you more to access Google than to access Bing. AND Time Warner cannot make a deal with Microsoft to completely block your access to Google so that you MUST use Bing as a search engine. THAT is net neutrality.

So the issue has been whether to consider the Internet to be more like a communication network or an entertainment provider. If the Internet is about communication, then it should be regulated in the same ways that phone communication has been regulated. Phone companies must carry all phone calls at the same rate based on distance. In other words, they can charge you more to call California than to call the town next to you, but they can’t charge you more to call Business A than to call Business B based solely on the fact that Business A is different than Business B. And they can’t block your call to any place. They must carry all calls. On the other hand, if the Internet is about entertainment, then they should be able to make deals like your cable company makes deals. For example, my cable company, Time Warner, recently failed to come to an agreement with an ABC affiliate out of Vermont. As a result, I no longer get that channel in my cable lineup–I cannot access that channel no matter what I do (unless I change to a cable or satellite provider that gives me that access–but, of course, most cable companies have monopoly access in the towns where they provide service). In addition, if I want access to certain channels, my cable company may charge me more. I have access to The Sundance Channel but I don’t have access to the Independent Film Channel because I pay at the level that gives me Sundance but I don’t pay at the level that gives me IFC.

So the question has been, is the Internet a communication network (like phones) or an entertainment network (like cable TV)? Another way to ask this question is: should Internet service provision be regulated to prevent differential access to certain sites? Many Republicans have argued that deregulation, allowing companies to do whatever they want, promotes competition and is therefore good for consumers. And so they have argued that we should allow Internet Service Providers to charge different amounts for different kinds of access and to actually block access to certain sites. I generally believe that consumers are best served by rules that promote net neutrality. So I have argued for a long time that the FCC should make rules that prevent situations such as what happened with my ABC affiliate and my cable TV provider.

So today, the FCC ruled in favor of net neutrality. THIS is a good thing (IMHO) for consumers–and THAT is why you should care about this. Some Republicans have called this ruling “regulatory hubris.” Many on the other side of the debate have also decried this ruling because it doesn’t go far enough in its regulations. The ruling explicitly singles out cell phone operating systems, such as Android, as the reason that the FCC was softening its rules for net neutrality on wireless networks. This is defintely something that consumers need to pay attention to.

{December 12, 2010} Kid Poker

I am huge fan of Texas Hold ‘Em poker. It is an interesting mix of skill and chance with a bit of human unpredictability thrown in and as a result is an extremely difficult game to master. My favorite player (when I watch the game on TV) is Kid Poker, Daniel Negreanu. He is ranked second in all-time earnings, which I think is amazing for someone who was born in 1974 (of course, the person in first place was born in 1976). I just discovered that Daniel writes a blog and wanted to share it. Lots of useful insights about the game there.

{December 10, 2010} Zero Views

Recently, my favorite NPR show, On the Media, had a story about an interesting blog called Zero Views. The blog celebrates “the best of the bottom of the barrel” by posting the funniest YouTube videos that no one (NO ONE–hence the name “Zero Views”) has watched. I found several things about this story that are worth commenting on.

First, this is the kind of meta-site on the Web that I love. It’s a site that highlights content from another site. But here’s the thing. As soon as this site focuses on a video that has zero views, it is HIGHLY likely that the video will no long have zero views. And in fact, if the Zero Views blog is at all popular (and my sense is that it is fairly popular), any site that it talks about is likely to go viral and become incredibly popular with thousands of views. That, to me, is a really interesting phenomenon.

The second thing that I find interesting about this story is an underlying issue about popularity. This is something that I’ve been thinking about for a while. What makes a blog, a site, a video “popular?” The easy answer has to do with numbers of views. But that somehow feels unsatisfying to me. I’ve watched many videos and traveled to many links that were recommended to me, only to feel…dissatisfied with what I’ve seen. This makes me think that popularity must have something to do with “likeability” or some other related concept. How would we measure “likeability” and surely, the fact that someone “recommended” a particular site, blog, video to me must have some relationship to “likeability,” right?

There are sites such as Technorati that try to measure “popularity” by measuring the number of links that each site has to it. That is, the more other sites link to your site, the higher you rank in Technorati’s popularity rankings. There are many problems with this idea of “popularity,” the most obvious of which is that more tech-literate folks are more likely to link to other sites. So if you are “popular” among less tech-literate folks, you are less likely to be linked to so you will be ranked as less “popular.”

I don’t actually know how to measure “popularity” of websites, blogs, videos and so on. The proliferation of “top 100” or “top 10” shows on TV makes me think that “popularity” is a cultural phenomenon, something we are interested in as a culture. But I’m curious about what various groups of people mean when they use the word “popular” when it comes to online content. What do you think? I’m also really interested in the kinds of activities and behaviors that can affect the “popularity” of online content. What do you think about that?

{November 12, 2010} Running on Battery

I have had my laptop for about two and a half years. When I first got it, it could run for three and a half to four hours on battery power. Now, two and half years later, fifteen minutes on battery power is pushing it. I know that rechargeable batteries have a limited life span. But I’m still surprised at how short the life of this battery has been, especially since I’ve diligently tried to avoid all of the behaviors that are known to reduce the life of a battery.

But I’m not really someone who rails against the injustices of life over which I have no control. So I decided to accept the reality of the situation and by purchasing a new battery. My laptop is a Dell, which in times past would have been a good thing. But Dell has kind of been on a downhill slide for a while when it comes to quality of their products. In fact, I have had a couple of problems with this laptop but I haven’t complained about any of them because they were all fixed under the two-year warranty that I had on the machine. The battery, however, is not under warranty. So I recognize that I will have to pay whatever the cost for a new one. I was completely unprepared to discover that a new 6-cell battery from Dell for my model of laptop costs $135. I currently have a 9-cell battery and if I want to get an equivalent one, it will cost $155. In the meantime, I got an email from Dell today telling me about a 72-hour sale they are currently running. I can buy a new laptop, very similar to the one I currently own, for $450 (only a 6-cell battery, though). I paid about $1800 for mine two and a half years ago. Is Dell telling me that nearly one third of the cost of a laptop ($135 dollars out of a $450 pricetag) comes from the cost of the battery? This makes absolutely no sense to me. I’m going to buy a new battery rather than a new laptop but I’m not happy about it.

This experience with my laptop battery got me thinking about the batteries in my other electronic devices. I use my iPod Touch all the time. I often listen to NPR or music via my docking station for the device. When the iPod is plugged into the docking station, the battery recharges. One of the ways you can shorten the life of a battery is by over-charging (and by not letting it discharge). It makes me wonder if there’s some sort of safeguard on the iPod that prevents it from over-charging. A number of sites claim that you can not “over-charge” the iPod battery but it isn’t clear to me what those sites mean by that. What I mean is: will battery life be reduced if you always keep the iPod battery “topped off,” that is, near 100% charged, rather than letting it run down to 0% (or close to 0%)? I can’t seem to find any information about that. In any case, I unplug the docking station when I’m not using it, both because that will stop definitely stop charging the attached iPod and because it saves energy to do so.

The other device whose battery I’ve been thinking about is my phone. I currently have a loaner phone from US Cellular (long story but let’s just say that US Cellular has the best local customer service EVER). It makes a noise when the battery is completely recharged, which is a nice feature. Several other devices that I own have a light which changes from red or orange to green when they are completely recharged. Again, nice feature. But none of these features really give you an indication about whether your charging behavior is reducing the overall life of the battery.

It would be nice to have battery technology that allows recharging indefinitely with no need to run the battery down in order to maintain the maximum life span of the battery. Given the fact that so many of us carry so many electronic devices, such technology would be hugely beneficial.

{November 11, 2010} Google and Privacy

A story about Google and privacy on NPR last week caught my attention because it seemed so strange. And now that I know what the real story is, it still seems really strange to me.

Google Map’s Street View function is very cool. It provides street-level camera views of many locations. In Boston, for example, you could type “Prudential Center” in the Google Maps tool, choose “Street View” and then stand virtually in front of the Prudential Center and look around, as though you were actually standing at that spot. You can then (virtually) move in any direction along the street, as though you were traveling in a car. I’ve used the function before visiting new places, trying to find new addresses, to get a sense of what I’ll see when I’m actually there.

To create these street-level views, Google sends people in cars to drive around, video-taping the view at various locations. To facilitate the coordination of the video with actual addresses, the people in the car utilize mobile computing technology to gather GPS information that is then attached to the video. The software that Google used in this project apparently had a feature that captured other kinds data from the airwaves in addition to the data needed to create the street views. In particular, this software sniffed out unsecured wireless networks and captured data such as email addresses, passwords, and IP addresses. After denying that they were capturing such data, Google finally admitted that they were “inadvertantly” capturing it but that the data was never used for any purpose. The data capture was inadvertant because the company was using software that had been developed for other purposes and they simply didn’t realize this capability remained intact.

In Britain, such data capture is illegal. So the story I heard was about the British government deciding whether to fine Google for the “data breach” or not. Instead of fining Google, the British government sought written assurance from Google that they would not engage in such practices again. In addition, the government would like to conduct an audit of Google’s data protection practices. And that, apparently, will be the end of the incident.

I think there are two interesting parts to this story that have not been discussed.

First, there are a ton of wireless networks that are unsecured. What this means is that people set up a wireless network in their house or their business and they don’t encrypt the data that is sent via that network. So all information that is sent on the network can be read by anyone. If you put in a password, it is transmitted in plain text, so anyone (with a sniffer–another type of program, readily available–that’s another post) can read it. If you put in your bank account number, it is transmitted in plain text and anyone (with a sniffer) can read it. In other words, it is a really bad idea to set up an unsecured, unencrypted wireless network. When you buy a wireless router, the setup instructions are pretty easy for setting up a secure, encrypted network. But many people choose not to. I’m not sure why. Of course, it still makes sense to me that it would be illegal to gather private information from unsecured networks. If someone doesn’t lock the door to their apartment, we still think it’s a crime for someone to steal things out of that apartment. It’s the same situation with an unsecured wireless network.

The second thing that I think is interesting about this story is the fact that Google’s software contained functionality left over from some previous project that was unrelated to the current project. This might not seem like a big deal but I’ve seen this in other pieces of software and it is indeed a big deal. A few years ago, Microsoft’s Excel was a hog, using huge amounts of memory and CPU time, far beyond what you would expect given its functionality. I discovered (via the Internet, of course) that the Microsoft programmers had inserted a huge chunk of Microsoft’s Flight Simulator into the Excel code. So if you pressed a bizarre sequence of keys while you were in Excel, you would suddenly find yourself flying a simulated plane, with some of the most realistic graphics available at the time. This is called an “Easter egg.” And here are some instructions for how to get to the Flight Simulator from within Excel. (By the way, I was unable to get this to work on Vista but you can go to Wikipedia to find some documentation of various Easter eggs in Microsoft products.) It was a cool discovery. Most Excel users never knew this functionality existed. And it shouldn’t have existed because it was completely unrelated to spreadsheets. It was (probably) the major reason that Excel was bloated, taking more memory and CPU time than necessary.

So although the story about Google’s privacy breaches is strange, it contains a couple of lessons for the average computer user as well as for software developers. Average user–secure your wireless network! Software developer–resist the temptation to play around as you develop your software.

Pages

Past Posts

Blogroll