« Routers behaving badly | Main | Facts are scarred »


Phoenix_detail_from_Aberdeen_Bestiary.jpgThis week, on one of the mailing lists I read, someone asked for recommendations for organizations to which they could make charitable donations as part of their holiday deliberations. The criteria: organizations involved in protecting online rights that can make progress on solving problems such as security, privacy, cyberbullying, fake news, and hate crimes.

The problem isn't finding organizations interested in these issues. There are plenty. To name a few... In the US: American Civil Liberties Union; Electronic Frontier Foundation; Electronic Privacy Information Center. In the UK: Open Rights Group; Privacy International; Liberty; Index on Censorship The problem is the *progress* bit. This stuff is really, really hard, and the last month in particular has been dispiriting.

There is the passage of the UK's Investigatory Powers Act, the FBI's new hack-any-computer powers (for values of "computer" that include cars, Barbie dolls, and streetlights, one presumes). And the whizzing-along-progress Digital Economy bill. These bills have stuff in them the above-named folks have been fighting for 25 years; in fact, parts of the Investigatory Powers Act were the stuff of the very first net.wars column, back in November 2001. Progress in this context means continuing to find the will to continue fighting the same battles against new waves of opponents.

A day later, I read at Light Blue Touchpaper that under cover of Brexit distraction - so useful for so many things! - the UK government is overriding people's decision to opt out of sharing their health data whenever the Department of Health rules that the data has been anonymized. This means re-fighting a large part of the care.data fiasco, as medConfidential writes.

Meanwhile, as Kevin Marks pointed out a month or so back (right before I was going to!), the web is becoming increasingly unreadable. Marks's triumph was tracing the reasons back to a school of design that thinks - presumably because they're all 17 and have perfect eyesight - that contrast is tiring, and eyes want a kinder, gentler, less functional reading experience. Actually, what's tiring is all those glaring white backgrounds. There's a reason why accountants' paper is buff or pale green; it's so that staring at all those tiny numbers all day they don't get headaches. For me, the most comfortable reading on-screen is bold, white letters on a black background. I believe that's the right way round: the letters, the star attractions, are the things that should be luminous.

The present style, however, calls for skinny, grey type. I have partially solved this by adding the "Page Colors and Fonts Buttons" extension to Firefox. This gives me the discretionary power to selectively override designers' illegible choices. But I shouldn't have to. Design schools should be teaching their students the lessons the industry learned during the early 1990s push towards software usability: human eyes don't resolve blue particularly well, so it's not a good color for extended batches of text; small type is harder to read; pale type is harder to read; grey type is harder to read. Instead, what we have here is a failure to communicate.

PRZ_closeup_cropped.jpgAlso a failure, according to Filippo Valsorda: PGP. for many of the same reasons I complained about in 2011. There are just too many picky details to get right. Making it work today, when almost everyone does their email on more than one device and has to choose between spreading copies of their private keys (bad hygiene) or being locked out of encrypted mail much of the time (ditto), is nearly impossible. Besides, he writes, it's not clear that long-term keys are a good match for the threat model. He's moving on to other techniques, and I suspect anyone who's serious about their personal security will eventually follow suit. However, one note. PGP's creation was the result of two threat models: first, protecting individual privacy, but second, rumors that the US government would ban the domestic use of strong cryptography. It's arguable that it worked better to counter the second of those than the first.

Apparently inspired by Pando's Paul Carr, the Come to Satan website is gleefully monitoring the computing press for previously anti-Trump Silicon Valley CEOs who are back-tracking on all the never-Trump stuff they said during the campaign. This site feels like the Net circa 2000; put it alongside ancestors Suck.com and FuckedCompany and it would feel right at home.

Finally, The Register reports that XP is still in use in the NHS and will continue to be so into 2017. I'm not surprised; as I wrote in 2014, software is forever. The situation reminds me of a friend who commented that when he reached the age of 47 it dawned on him that things in his life that he'd thought were "penciled in" were in fact permanent conditions. Life - and time - has a way of sneaking up on you like that, like it did to the developers writing software with two-digit years in the 1950s, or will do to the inventors today hatching the Internet of Things with a cheerful "isn't security Someone Else's Problem?" disposition. Yesterday's mistakes are ready and waiting to plague us.

Wendy M. Grossman is the 2013 winner of the Enigma Award. Her Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.


TrackBack URL for this entry:

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)