Potholes on the road to the self-driving future

This morning’s Observer column:

Somehow I think it’s going to take quite a while to get to self-driving nirvana. For one thing, autonomous vehicles require digital mapping that is an order of magnitude more detailed than anything in Google Streetview. Secondly, those maps need to be continually updated, because even an unexpected new mini-roundabout might confuse the vehicle and cause an accident.

But the biggest obstacle might come from what supposedly kept Harold Macmillan awake at nights – “events, dear boy, events”. Driving in Devon last weekend, I came on a number of temporary traffic lights at roadworks, and wondered how an autonomous vehicle would cope with them. After all, they would not appear on its digital map; and although it would be programmed to look for a red light in a standard position at a junction, it might not “see” a temporary one.

Devon is a ravishing county, but it has one quirk from the motorist’s point of view: it has lots of extremely narrow lanes, most of which have high hedges growing on either side. There are occasional passing places which allow two vehicles to edge past one another. This is fine until a procession of three or four vehicles meets another procession of several cars stuck behind a truck, at which point the only way to reach a solution involves a good deal of human-to-human negotiation. This is something that even the dumbest human is good at, but which will lie beyond the capability of even the smartest machine for some time to come…

Read on.

The ad-blocking paradox

This morning’s Observer column:

Mail Online is one of the world’s most popular news websites and it’s free: no paywall. But my browser has a plug-in program called Ghostery, which will scan any web page you visit and tell you how many “third-party trackers” it has found on it. These are small pieces of code that advertisers and ad-brokers place on pages or in cookies in order to monitor what you’re doing on the web and where you’ve been before hitting the current page.

When I looked at the Mail Online report, Ghostery found 31 such trackers. Some of them came from familiar names (Google, Amazon, Facebook, Pinterest, Doubleclick). But others were placed by outfits I have never heard of, for example, Bidswitch, Brightcove, Crimtan, Sonobi, Taboola. These are companies that act as high-speed intermediaries between your browser and firms wanting to place ads on the web page you’re viewing. And theirs is the industry that pays the bills (and sometimes makes a profit) for the publisher whose “free” content you are perusing.

But we humans are cussed creatures. It turns out that we loathe and detest online ads and will do almost anything to avoid them…

Read on

iWatching

iWatch

I bought an Apple watch a few weeks ago. “It’ll take a while to get used to it”, a friend said to me, and he was right. My expectations were low, based on previous experiences with so-called smartwatches, which were generally flaky. But because I have a policy of not writing about stuff that I don’t actually own, I bought the cheapest, and, as I thought, the least ostentatious, version of the Apple device.

And…?

Well, it grows on one. The battery life is better than I expected (and it charges quickly). The interface works. Most importantly, the linking with the iPhone is really seamless. What infuriated me about, say, the Pebble watch, was the flakiness of the ‘notifications’ system. It turns out that the main reason I want a smartwatch is so that it stops me having to take my phone out of my pocket all the time. The Pebble failed miserably in that regard, whereas the iWatch is excellent for that. When a message comes in, all it takes is a glance to identify the sender — and therefore to know whether it needs attention or not.

Apart from Quentin’s commentary, the most insightful comments on the watch that I’ve come across are by Ben Evans. For example:

Reading the Watch’s launch reviews, I sometimes got the sense that the tech press was writing about it as though the luxury goods industry didn’t exist and that the luxury press was writing as though technology didn’t exist: no-one spends money on things because they’re just nice and no-one buys things that don’t last forever. The gold version brought this out best – a tech product that’s $10,000 but has the same spec as the $350 one – heresy! And a gold watch that probably doesn’t last a lifetime – again, heresy! But all rules can be broken with the right product – that’s how progress happens. Meanwhile, the irony is that it’s not actually the gold that’s the luxury but the software – that tap on the wrist telling you to turn left. In a sense, the gold case is an accessory to the software in the same way that the strap is an accessory to the watch.

Spot on. Smartwatches are unlikely ever to be ‘must-have’ devices. They are luxuries.

Common sense about hacking

From the Economist blog:

FOR companies, there are two strategies for dealing with people who uncover flaws in their IT security: a right way and a wrong way. Our leader on hacking this week tells of the approach that Volkswagen took when a group of academics informed it that they had uncovered a vulnerability in a remote-car-key system: the firm slapped a court injunction on them. It is difficult to conceive of an approach more likely to be counter-productive.

United Airlines, it seems, has a far more enlightened attitude. It has just awarded two hackers 1m air miles each after they managed to spot security weak spots in its website. The move is part of a scheme called “bug bounty”, in which hackers are incentivised to contact the company with security flaws, rather than post them online. This approach is common at Silicon Valley firms, and makes just as much sense for old-fashioned industries too. Pound to a penny, there are nefarious types out there trying to break into most big companies’ IT systems. Encouraging “white-hat” hackers to uncover flaws, and then rewarding them for not revealing them to the wider world, may sit uncomfortably with people’s sense of fairness. However, if it gives firms time to fix the problem, in pragmatic terms the benefit is obvious.

Yep.

The big heist

OK. If you want a really big story, then this is it:

WASHINGTON — The Obama administration on Thursday revealed that 21.5 million people were swept up in a colossal breach of government computer systems that was far more damaging than initially thought, resulting in the theft of a vast trove of personal information, including Social Security numbers and some fingerprints.

Every person given a government background check for the last 15 years was probably affected, the Office of Personnel Management said in announcing the results of a forensic investigation of the episode, whose existence was known but not its sweeping toll.

The agency said hackers stole “sensitive information,” including addresses, health and financial history, and other private details, from 19.7 million people who had been subjected to a government background check, as well as 1.8 million others, including their spouses and friends. The theft was separate from, but related to, a breach revealed last month that compromised the personnel data of 4.2 million federal employees, officials said.

Both attacks are believed to have originated in China, although senior administration officials on Thursday declined to pinpoint a perpetrator, except to say that they had indications that the same actor carried out the two hacks.

The breaches constitute what is apparently the largest cyberattack into the systems of the United States government, providing a frightening glimpse of the technological vulnerabilities of federal agencies that handle sensitive information. They also seemed certain to intensify debate in Washington over what the government must do to address its substantial weaknesses in cybersecurity, long the subject of dire warnings but seldom acted upon by agencies, Congress or the White House.

Note the phrase “other private details, from 19.7 million people who had been subjected to a government background check”.

Humans are the weakest link

This morning’s Observer column:

PGP (now in its fifth incarnation) does indeed enable one to protect one’s communications from spying eyes. It meets Snowden’s requirement for “strong crypto”. But it hasn’t realised its revolutionary potential because it turns out that powerful software is a necessary but not sufficient condition for effective security. And the reason is that, to be effective, PGP has to be implemented by humans and they turn out to be the weak link in the chain.

This was brought forcibly home to me last week at a symposium on encryption, anonymity and human rights jointly organised by Amnesty International and academics from Cambridge University…

Read on

Learning to read

Today’s Observer column:

I never thought I’d find myself writing this, but the Daily Mail has finally done something useful for society. Mind you, it’s done it unintentionally: it didn’t know it was doing good. But still… It would be churlish not to acknowledge its achievement…

Sounds improbable? I know. But read on

Why Bitcoin is interesting

This morning’s Observer column:

When the banking system went into meltdown in 2008, an intriguing glimpse of an alternative future appeared. On 31 October, an unknown cryptographer who went by the name of Satoshi Nakamoto launched what he described as “a new electronic cash system that’s fully peer to peer, with no trusted third party”. The name he assigned to this new currency was bitcoin.

Since then, the world has been divided into three camps: those who think that bitcoin must be a scam; those who think it’s one of the most interesting technological developments in decades; and (the vast majority) those who have no idea what the fuss is about.

I belong in the second camp, but I can see why others see it differently…

Read on