Posted 28 Jan 10
Via Brian Krebs: it turns out that with all but the highest levels of browser security enabled, any website that wants to can uniquely identify your computer.
Cookies, history, visited sites, behavior — none of that matters. Simply assembling all the configuration information your browser shares is enough. The Electronic Frontier Foundation has assembled a demonstration here. Go ahead, try it!
Scary, huh? My own results depended on the browser. Using Opera, with JavaScript and cookies disabled, isn’t bad. But of course that setup makes it difficult to actually read many websites, so my fallback is Firefox, with scripting enabled. And on that platform, my config is unique among all 140,000 sites the Panopticlick has tested so far.
The metaphor they’re using is “digital fingerprint,” but it’s more like a DNA sample.
They know who you are. And they’re watching.
Well, there’s always Tor. But that makes your online experience slow and crippled indeed. I use it anyway for certain research — you know, nuclear terrorism and so forth — but it’s not practical for day-to-day browsing.
Happy Data Privacy Day!
This post indexed as: Intelligence, Technology
Posted 25 Jan 10
Everyone knows that online reviews — of anything — suffer from grade inflation. Just like Ivy League undergrads, everyone is (far) above average.
Which makes me wonder, again, why anyone thinks something like Amazon reviews can replace print-venue literary criticism. If you want a reasonable plot summary, sure. If you’re interested in the opinions of political trolls on books deemed controversial, yup, got that. If you’d like a long list of complaints from everyone whose order was late or screwed up somehow, look no further.
But thoughtful commentary, setting a work in wider context, that’s well-written to boot? All too rare.
A viable, internet-based model may emerge. But so far, the loss of print literary culture is just that — a loss, with no replacement yet.
This post indexed as: Reading, Writing
Posted 20 Jan 10
I know, I know, it’s been hammered to death (by study after study after study), but no one ever seems to listen. Actively managed funds — the kind the mutual fund companies want you to buy, the kind they advertise heavily, the kind you’re likely forced into thanks to a limited selection in your 401(k) — do not beat the market. You’re better off in an index fund.
The latest volley from academia comes via January’s Journal of Finance:
This paper develops a simple technique that controls for “false discoveries,” or mutual funds that exhibit significant alphas by luck alone. Our approach precisely separates funds into (1) unskilled, (2) zero-alpha, and (3) skilled funds, even with dependencies in cross-fund estimated alphas. We find that 75% of funds exhibit zero alpha (net of expenses), consistent with the Berk and Green equilibrium. Further, we find a significant proportion of skilled (positive alpha) funds prior to 1996, but almost none by 2006. We also show that controlling for false discoveries substantially improves the ability to find the few funds with persistent performance.
Okay, that was maybe a little abstruse, but the idea is simple enough: funds that beat the market mostly do it with plain luck — and the luck always runs out. (Generally right after they’ve advertised the last-five-year-average returns, and a whole bunch of suckers piled in.)
By the way, there is one way a fund manager can do better than, say, VFINX (Vanguard’s cheap S&P 500 index): trade on insider knowledge. This strategy has its pitfalls, however.
Don’t let them earn those absurd bonuses on YOUR retirement. Find a low-expense-ratio index fund, rebalance now and then, and ignore the rest.
This post indexed as: Finance
Posted 15 Jan 10
The CIA just increased their investment in a private company whose mission is to eavesdrop on social-networking flow everywhere.
Visible Technologies, which trawls “media, video, images, blogs, Twitter, and any RSS feed in 12 languages” for corporate and government clients, just announced a $22m C round. The CIA’s venture capital arm, In-Q-Tel, is both an original investor and a current participant.
Should this bother you? The company’s position is that public statements are, well, public — no expectation of privacy exists. It’s no different than taking a photograph of someone on the street. Or secretly recording the behavior of people inside a supermarket. Or pointing a video camera at a political demonstration …
Legal, sure, until the collected information is used for political purposes. Like compiling dossiers on elderly peace activists: the police would never do that, would they? Oh, yeah, they would.
But that’s not the point of this post. More interesting to me are the quasi-public VC “firms” the government has set up. Besides In-Q-Tel, the Army has its own, OnPoint Technologies (not to be confused with NPR’s talk radio show), and the DOD has a larger initiative they call DeVenCi — Defense Venture Catalyst Initiative. The latter doesn’t invest directly, but facilitates “communications and mutual understanding between innovators and the DoD.” (The difference between funding, vs. guaranteeing large contract purchases in a way that supports the company, may matter less than results, which are likely to be similar.)
Set aside the politics for a moment. Even if the goals of these programs are worthwhile, we should ask, are they a good way to go about it? Remember: taxpayer dollars at work.
For one thing, the employees are well compensated. Furthermore, at In-Q-Tel a significant portion of their pay depends on the financial success of the investments — not the strategic objectives. Conflict-of-interest problems appear inevitable, as fiduciary responsibilities collide with national security concerns. Suppose Visible Technologies became an acquisition target for a Chinese internet company (which is not unheard of). Should In-Q-Tel partners oppose the sale, against their own (and the taxpayer’s) financial interest?
That’s not a hypothetical. Christopher Byron detailed stock shenanigans by In-Q-Tel a few years ago. In somewhat hyperbolic language,
This week there’s more to report on this fishy, six-year-old firm, which has been pouring a reported $35 million annually of taxpayer money into deals running the gamut from the shrewd to the idiotic. The one common feature of them all: if an investment proves profitable, much of the money flows into the pockets of In-Q-Tel’s own employees; if a deal proves a loser, the nation’s taxpayers get stuck with 100 percent of the loss.
Now, evidence is emerging that In-Q-Tel’s brand of “Heads I win, tails you lose” deal-making may go even further than that. A source familiar with In-Q-Tel’s inner workings claims that once an equity deal with a company is worked out, In-Q-Tel officials routinely begin talking the company up on Capitol Hill to help the new partner land lucrative government contracts. A Newsweek story in March of last year suggested much the same thing, reporting that In-Q-Tel helped one of its investment partners — a Nevada-based software firm called Systems Research and Development — obtain government business.
As usual, the fundamental problem is oversight. If the public, or even just a few competent senators and members of congress, were allowed to keep an eye on what In-Q-Tel and its brethren are up to, Byron would have to find other subjects.
By the way, I should mention that my novel Exit Strategy dealt with a government-intelligence VC operation gone rogue. But that was fiction.
This post indexed as: Crime, Finance, Intelligence, Military, Technology
Posted 12 Jan 10
Yesterday’s Wall Street Journal featured, on the front page, a photograph of a young woman in her underwear. The online link is here, but the picture they include shows the entire group of protesters, of which only one is semi-clad and female; for the front page, the Journal’s editors cropped it down to highlight her.
No one really expected better from Murdoch, did they? So okay. (Anyway, there are far more substantive complaints one could make, like how utterly, conventionally wire-service-like the WSJ’s international reporting has become. For example, despite a couple of good-length articles about the recent resignation of Japan’s finance minister, you’d have to read The Economist to discover the real reasons for his departure.)
Furthermore, Murdoch is, of course, only giving his readers what they seem to want. A friend of mine manages much of the online presence of a trade magazine well-known in its professional niche. He says that far and away their most popular articles are those featuring underdressed women (a topic only distantly related to the profession in question). Or celebrities. Or best of all, underdressed celebrities.
Again, that’s no surprise. The tracking tools available even to casual bloggers are remarkably powerful. Suppose you pay close attention to what draws your readers, and adapt your offerings accordingly. Pretty soon, natural evolution will lead to … well, you can imagine.
This blog will try to resist the temptation. However, I must note that when I tweeted about the underwear-protestor yesterday, the bit.ly link received more click-throughs than any other so far (in my admittedly rather brief Twitter history). What to do, what to do …
This post indexed as: Reading, Writing
Posted 08 Jan 10
Some doomsday reporting last fall on “high velocity trading,” where massively powered computers running PhD-designed algorithms buy and sell stocks in fractions of a second. Technology Review has a great article on the topic this month (if you don’t subscribe, or aren’t an MIT alum, another copy may be found here).
The technology is amazing; one hedge fund is quoted saying they have computing power equivalent to Lawrence Livermore National Laboratory’s. High-velocity quant funds, as they’re known, will trade millions of shares every hour, with notional values of hundreds of millions of dollars — in and out in seconds, arbitraging the tiniest differences in prices across markets.
Critics claim these guys threaten to crater the market again, like 1987’s Black Monday, only on a vastly larger scale and over in micro-seconds. The funds argue they’re merely providing liquidity, and their positions are net market-neutral, but they would say that, right? They’re making money faster than the mint can print it.
I don’t know who’s right. But it is obvious that the incredible ingenuity, effort and investment spent on devising these systems could have gone elsewhere: curing malaria? developing better solar cells? eliminating E.coli from children’s school lunches? NOT canceling the manned space-flight program?
Still, the technology is fascinating — and surely provides a framework for someone’s next financial thriller.
This post indexed as: Finance, Technology
Posted 07 Jan 10
Via Ezra Klein, from Felix Salmon, the brave golden new world of online banking.
Call me paranoid (many have) but the takeaway line is this one:
[Yodlee] built up an enormous dataset over the years — $3 trillion of transactions from 23 million users have been cleaned up and put into a huge database by 500 employees — and it’s now going to open up that database to software developers around the world.
Um, that would seem to raise a few questions about privacy. Like, who owns that data? Given the constant drizzle of data breach reports, basic security appears to remain a huge issue. And more broadly, do you really WANT profit-seeking private firms knowing so much about you and your financial life?
As it happens, I encountered Yodlee more than ten years ago, when they were just starting out as a personal-financial-information aggregator. The idea was, you’d register and then give them all your logins and passwords — banks, credit cards, investment accounts, frequent flyer miles, whatever — and they’d compile it all into a simple, consolidated view. From there you could do all your transactions, and see your total balance sheet, on one platform.
Neat, huh? I thought so, and I wanted to introduce them to the large financial firm I was working for. So I went to sign up, just to try it out. I got through the initial registration screens, up to the point where they asked for my bank account number . . .
and I stopped. Just couldn’t do it. Sure, they had the most bulletproof firewalls and encryption and privacy policies in the world — or so they claimed — but that wasn’t enough. Not for me.
Now, it has to be said: I’m old. Older than the teens and 20-somethings who are likely to use these services in the future, cheerfully and without fear. And Yodlee has never experienced a data breach (that we know of).
That’s not good enough for the FBI, as it turns out, which last week recommended using only sterile computers for online banking. Is it good enough for you?
This post indexed as: Finance, Technology
Posted 06 Jan 10
SF authors are always onto the next thing, and not just science and plots and ideas. Especially in harder-edged stories (which I admit I tend to prefer) cool new words are always appearing to seize their moment in the limelight.
Some years ago, for example, the word “regolith” seemed to show up everywhere (or at least in every description of a rocky, airless moon, where regolith is the pulverized dust you get after millennia of pounding by meteoroids). Or “nonbaryonic,” used to describe certain exotic forms of matter. Words like that sound good, they imply deep scientific understanding, and suddenly everyone is using them.
Anyway, today’s word is saccade, which appears in both of the first two stories in The New Space Opera 2. As a bonus, the two authors used the word in quite different ways.
Look for it everywhere, soon.
This post indexed as: Writing
Posted 06 Jan 10
One reason I enjoyed reading thrillers and spy novels, when I was younger, is the tradecraft you could learn. Detailed instructions for evading a tail, planting a bug in an embassy, exchanging coded microdots in dead drops — it’s all there, in between the gunfire and betrayals by venal politicians. A fascinating window into the secret world, unavailable anywhere else …
until now. This once-mysterious arcana is now laid out in dozens of neat, lesson-planned how-to books, aimed at all ages. The gift shop at the International Spy Museum includes (among many, many more) the following titles:
Handbook of Practical Spying
The Real Spy’s Guide To Becoming a Spy
Ultimate Spy
Other tricks and techniques are detailed in books like The Worst-Case Scenario Survival series. Wannabe MacGyvers have Sneaky Uses for Everyday Things (or, for that matter, The Unofficial MacGyver How-To Handbook).
From an author’s standpoint, it’s sort of like forensics. In the old days, half the fun of a police procedural was, well, the procedure: how to take a fingerprint, run a DNA scan, or spray a hotel room with Luminol. Thanks to CSI: Everywhere and a cultural fascination with this stuff, readers now know far more about it than I ever will. Even autopsies — for a mystery to be publishable, apparently a pathologist has to saw open a braincase by Chapter 3.
I can’t possibly keep up, but now that the information is out there, maybe it doesn’t matter so much. I guess there’s always character, plot, setting and voice to fall back on.
This post indexed as: Intelligence, Technology, Writing