Vancouver's Open Data, Open Standards, Open Source and the Vancouver Public Library

Vancouver has adopted a policy of Open Data, Open Standards, Open Source and I'm really excited about it. David Ascher presented on the topic at Open Web Vancouver 2009 and pointed out that if we don't engage the city and use this data it will go nowhere.

The Vancouver Public Library is one of my favourite places. I love libraries, I love books, but the library here in Vancouver is a really special library for me. So I've been thinking of ways that the library could share data so that I could build applications to make the library more interesting and more valuable to the people of the city.

Here's some data I'd like to have:

• Books on order

  I'd like to know what new books are currently on order, but not available. I want a preview of coming attractions.

• Most unpopular books

  What doesn't get checked out? What's likely to get sold in the next round of disposal, ahem, book sale?

• Most popular books

  What's everybody reading?

• Top 100 sites for library patrons

  What are the most popular sites browsed from the library? I'd like to be able to contrast this with the most popular sites according to Alexa. That should help tell the library what sorts of services patrons need.

These are things that I could mash up into interesting applications, such as presenting a unified view of new popular books on Amazon and which ones are in the library, or popular in the local community.

Spam now leverages social networks

I've been getting spam lately purporting to be from a former co-worker. Apparently they harvested her MSN Messenger list – it impersonates her hotmail account and sends to my work account.

This was probably due to a virus which hijacked MSN messenger, it's a notoriously problematic service: between the service outages, trojans and viruses, its usefulness is debatable. But even as Microsoft gets its security act together a decade too late, the attack is inevitably shifting someplace else.

With social networking sites asking for email passwords to "import connections", people respond quickly. After all, they say it's safe, and you can always change your password later (but you don't). As it has been pointed out, as an industry we've trained people to type passwords, and that's what they do – whether it's a good idea or not, and that's why phishing is so successful. But once they have your contact list they can keep that forever, and it's a wonderful tool for a spammer.

Facebook and Twitter are unlikely to misuse this data too egregiously, they are connected to real money and companies with reputations to protect. But Pownce, which is going out of business – what about their data? And tacky little utilities like Twitterank which spam your stream, you'd better believe they're warehousing your connections. And your private messages. And everything else. You can put these things together and draw meaningful conclusions about the people involved.

Science fiction has been talking about spambots impersonating your family and friends for years, but now it's happening for real, and expect to see a whole hell of a lot more of it. Expect to start seeing requests from friends and family, asking for money through new and unfamiliar websites (or even familiar websites that have been compromised). Expect increasingly strange and subtle requests: you may not even know what they're really trying to get you to do, or why. In short, this is going to get deeply weird, really fast.

Favourite packages for Ubuntu Intrepid

I recently upgraded to Ubuntu Intrepid Ibex, the 8.10 release. I use "upgraded" in the general term because the distribution upgrade option has never worked for me – I did a clean install.

Add the Medibuntu repository.

then:

sudo apt-get install aacgain acidrip acroread acroread-plugins audacious azureus cabextract easytag ffmpeg flashplugin-nonfree gstreamer0.10-ffmpeg gstreamer0.10-plugins-bad gstreamer0.10-plugins-bad-multiverse gstreamer0.10-plugins-ugly gstreamer0.10-plugins-ugly-multiverse gtkpod-aac hardinfo inkscape libdvdcss2 libdvdread3 libdvdread3 libxine1-ffmpeg meld mozilla-acroread mozilla-mplayer mozilla-plugin-vlc mp3gain mplayer msttcorefonts network-manager-pptp openclipart-openoffice.org nfs-common nfs-kernel-server portmap rapidsvn skype smartmontools smbfs totem-xine ubuntu-restricted-extras unrar vlc vlc-plugin-esd w64codecs wine

Georgia: dump Saxby Chambliss on December 2

Saxby Chambliss, chickenhawk extraordinaire, is in a runoff to keep his Senate seat in Georgia. Despite McCain carrying Georgia 52%-47%, Chambliss was unable to ride his white coattails to victory. People were pissed at him for voting for the Wall Street Giveaway, and they punished him just enough to force him into runoff against Jim Martin.

I'm voting for Jim Martin. He's the most progressive candidate Georgia has produced in a white, heterosexual male body since Jimmy Carter. His legislative record is solid, he's smart and hard working. I've voted for him many times over the years, and I'm happy to do so again.


But most importantly, Jim Martin is not Saxby Chambliss. In 2002 Chambliss won his Senate seat by sliming his opponent Max Cleland (a veteran who lost his limbs in Vietnam) as a terrorist sympathizer. He ran hand-in-hand with Governor Sonny Perdue whose platform of a "Confederate Flag for Georgia" helped propel them both to victory. It was shameful, and I'm still ashamed. It would be redundant to call out his record on voting for the Iraq war, voting for torture, voting for spying on US citizens, voting for retroactive immunity for the telecom companies who spied on Americans, and so on.

Georgia's Secretary of State has no information about the runoff election on her department's website or its Election 2008 website, so she obviously doesn't want people to vote – after all, turnout would be bad for the GOP. It's a shameful state of affairs, but if we "other folks" vote again, we can send Chambliss packing with the man he said he was "goin' to Washington DC to work for", George W. Bush. This time we can elect Jim Martin who will work for the citizens of the State of Georgia.

Vote December 2.

Asking more from family and friends on queer rights

Following the election last Tuesday, I am very happy and hopeful about the future. Even though Proposition 8 passed in California, President Barack Obama will appoint liberal Supreme Court justices who will eventually give me full equality in the United States, maybe even in my lifetime. I have hope.

But in the meantime, it's going to be rough. Each step forward will be met with stiff opposition. Queers have long been convenient targets for political hate campaigns. This will get worse before it gets better. It already is.

Recently I've discovered that several long-time friends don't agree I should have equal rights, including the right to be married. Some of them have participated in campaigns specifically intended to take away my civil rights. By definition, these people are not my friends, and I will no longer encourage such behaviour with my continued association. These people will no longer be able to truthfully say "I have gay friends, but..." – not if they're referring to me.

I am also raising my expectations of my friends and family. In the past I simply asked friends and family to accept me and not say bad things in my presence. I didn't feel I had the right to ask them to volunteer for a cause, contribute money, or vote a certain way. Although I knew in some cases that they were opposed to my rights, I ignored it. I had very low self-esteem, and I just felt happy that people actually liked me: Internalized homophobia is powerful and insidious. Those days are past.

Now I will call on my friends and family to help advance my civil rights whenever I see fit. Since my friends and family love me as I love them, I expect they will be willing to help me. If friends and family are engaged in or supporting organizations that hold anti-gay agendas, it is my expectation that they work to improve those organizations from within. To be clear, I'm not unreasonable: I don't actually expect my friends and family to live up to my every expectation any more than I live up to theirs.

Queer issues will never be as important to most of my friends and family as they are to me. But now I'm not going to hesitate to ask for help, and if that turns out to be a problem, it will be short-lived. It will be fantastic if they choose to help, and it will be okay if they don't, but no friend will be allowed to work against my civil rights and remain my friend. This is called self-respect, and it starts now.

Obama's election: hope for an exiled gay American

Living in Canada over the past four years it's been hard to admit I'm an American. Before the 2004 election people used to commiserate, saying "what a terrible government you Americans have to deal with." After 2004, the mood got ugly: we really did elect Bush that second time. The negative opinion of the US government was transferred onto its citizens. Since 2004 whenever I have admitted to being American I've watched welcoming smiles melt into frowns, and often had to listen to a tirade about Bush and the US government. I've had to agree with them, too.

After all, I had to leave the US in order to live with my husband, and you'd better believe I've resented it bitterly. With laws that treat me as something between an abomination and a criminal, a Supreme Court prepared to permanently relegate me to second-class citizenship, and a president that seemed intent on breaking every international law, violating every civil liberty and every standard of decent conduct, I could find little to defend about the US, and even less reason to want to.

I certainly hoped Obama would win. I contributed to his campaign, I made phone calls. But I never let myself really believe, because it would just hurt too much if he lost. The Supreme Court holds the key to deciding whether I'll be a second-class citizen in the US until the day I die, and if more Scalitos had been appointed it would have dashed my hopes for two generations. I held my breath.

Today Barack Obama pulled it off, and decisively, breaking the last barrier for African-Americans (which John McCain spoke of so eloquently and movingly in his concession speech). Obama even mentioned gay people as actual Americans in his acceptance speech. Today I have hope, and I can say I'm an American without embarrassment and without (excessive) anger and resentment. I see that the dream is alive in the United States, and I see reason to believe that one day I might be able to live there again, maybe even as an equal.

A lot more has to change for this to happen. Today, people in Arizona, California, and Florida voted to ban same-sex marriage; it passed in Arizona and Florida. The vote is very close in California, but one thing is certain: voters hold farm animals in higher esteem than their fellow citizens. We have a long way to go, but when I look at how far we've come in forty-five years, I have hope.

Congratulations to President-elect Barack Obama and to the people of the United States on turning this historic page. Congratulations to African-Americans who can say that they are now full participants in the society and democracy of the United States. Congratulations and thank you to everyone who worked, donated, and voted to make this happen. Someday it will make a difference for me, too.

Semantic web startup Twine hard to get wrapped up in

Twine is [yet another] site that offers recommendations for webpages, stories and information based on things that you've read. I've seen demos that are amazing, that pull together disparate threads of data in new and surprising ways. It is powered by some sort of fantastic semantic juju that allows it to create recommendations and connections that simpler probabilistic analyses cannot. Sounds good right?

The problem is that it is just too. damned. much. work. You start with nothing, and have to enter your links, from scratch, one at a time. You don't get any immediate satisfaction. Unlike FriendFeed or SocialMedian, it doesn't just figure stuff out based on your other activity elsewhere on the web. It doesn't even attempt to figure out what you already like. So all of the heavy lifting is left up to the user, and there's no immediate payoff. The new user is left wondering just what the hell this site is supposed to do for them.

So although it probably has good technology, so far it's a failure. If they don't realize that everybody's not suddenly going to start posting everything in their little walled garden with a promise of getting payoff, maybe, someday, they'll be left behind by other sites who have given a great experience out of the gate to new users. Other sites – Facebook, FriendFeed, etc. – can add this semantic hooey to their own sites at their leisure. Sometimes technology really doesn't matter.

Greenspan gets a clue after the damage is done

From Greenspan Concedes Error on Regulation in today's New York Times:

Facing a firing line of questions from Washington lawmakers, Alan Greenspan, the former Federal Reserve chairman once considered the infallible maestro of the financial system, admitted on Thursday that he “made a mistake” in trusting that free markets could regulate themselves without government oversight.

Whoopsie!

Referring to his free-market ideology, Mr. Greenspan added: “I have found a flaw. I don’t know how significant or permanent it is. But I have been very distressed by that fact."

Oh no, he's *distressed*. Well, fuck me with a chainsaw, it sounds like the poor man is suffering! Everybody should be so concerned about Alan Greenspan's legacy while we pick up the ruins of our financial system and economy. I am not sad to see that irrational cult of personality come to such an ignominious end.

Central authentication is coming, and here's a good reason why

Some interesting reading today on OpenID, Facebook Connect, and the dog's breakfast of authentication standards in the market:

Facebook Connect and OpenID Relationship Status: “It’s Complicated” – John McCrea of Plaxo

The authentication landscape appears to be coalescing. I think a lot of vendors will still want to have a "walled garden" ID scheme, but I'm inclined to think their customers will drag them kicking and screaming into a federated identity world.

I have a good reason to think so. People already use a dangerous form of single sign in: they use the same user ID and password across multiple sites. Some day soon an enterprising young script kiddie from Yemen is going to sit down and write a Distributed Identity Theft Attack that will plunder the databases of weak sites (like some forum that you don't even remember signing up for) to take possession of more valuable sites (like Facebook and LinkedIn) and then finally the holy grail (your email account, used to unlock everything else). Nobody, not even Bruce Schneier (by his own admission), has a different password for every site: at best, we have low, medium, and high-security passwords. But if you're using the same password everywhere, you're only as secure as the weakest site you visit, which means gold bars for the putative Yemeni banks.

Also, über-paranoid password complexity and periodic forced password change rules actually encourage people to use a password formula across different sites, and to change only the last character in a preset sequence. They're virtually assured to do so, because security training has taught people to never, under any circumstances, write down their passwords. So a dictionary attack will still work in most cases for the DITA outlined above – forty-seven variants isn't a lot to try, and most sites don't lock accounts for password failure.

So go change your online banking password right now, I'll wait. Don't forget PayPal, too. And Amazon, which holds your credit card info, as does iTunes.

So, we'll stumble along with our user ID (which is, often as not, the email address) and password (same everywhere) until the Russian Business Network strings together some Perl code and causes a smart-spam and bank fraud wave big enough to shake consumer confidence in the web. At the very least, consumers will learn not to trust websites with homegrown authentication. They'll pick one or two big-name vendors they trust.

Help stop constitutionalized bigotry in California

California's Proposition 8 is intended to end same-sex marriage in California, which the California Supreme Court ruled constitutional in June. The California Assembly had previously passed a law to allow same-sex marriage, but Governor Schwarzenegger (it hurts to type that) vetoed it, saying that it was up to the supreme court to decide. Well, they did, and although Arnie said he'd campaign against Prop 8, he's done dick-all about it. I guess he's too busy to call a press conference.

Anyhow, the Mormons are pouring enormous sums of cash into the campaign for Prop 8, and although many high-profile celebs are donating to the fight to stop it, it isn't enough. I've given, and I'd like to ask you to give as well. Everybody deserves the right to marry the person they love, and shouldn't have to emigrate to do so, as I did. Equality can be maintained, but only at a cost. Please give now.