The “Rebooting the Web of Trust” session by Christopher Allen at Internet Identity Workshop 21 was a nice summary of the submissions (the price of attendance) for an upcoming conference. Not only are the papers on Github but also issues are discussed.

Two weeks ago, I attended a day of sessions at IETF92 in Dallas. At the newcomer’s orientation, the IETF’s practice of measuring rough consensus with humming rather than a show of hands was covered. Scott Bradner explained that this accommodates the contigency of an employee of a company wanting to comfortably express preference for a view inconsistent with the view of the employee’s boss (an example of where anonymity is important). This assumes that there is enough people in the room to stay anonymous. However, I noticed that for trivial or non-controversial issues, a show of hands was used.

The remote participation tools for IETF are impressive and it was cool to see this in action. The media archives of past events is also a great resource. Here is the media for the OAuth session I attended.

Yesterday, Democracy Now! interviewed Bruce Schneier for his book Data and Goliath. The book includes a footnote to the informative Analysis of Brightest Flashlight Free for Android in his “Business of Surveillance” chapter. Schneier notes that “the app started collecting and sending location information even before people clicked” accept on the license agreement. The FTC “didn’t fine the company, though, because the app was free.” More than 50 million users have downloaded the malware on the various app stores.

What is appalling is how often media coverage completely misunderstands the concept of consent with cases like this, Superfish and the Facebook Experiment. A typical example is this Guardian article:

Are users bothered by the privacy implications of these kinds of apps? Seemingly not, judging by their popularity. Brightest Flashlight has been installed more than 50m times according to the Google Play store’s stats.

The whole point is that these companies are not disclosing to the users what they are doing to them. And so it’s the users’ fault that they’re not bothered by the transgressions?

I have been playing around with Firefox Hello today. It requires at least version 34.0.5 of Firefox. I like having a contact list in my Firefox browser to initiate WebRTC video conferences. For instance, If I am signed in to Firefox Hello, you can easily call me after adding my email as a contact. If I am not signed in, it seems you have to send me an invitation url to call me which isn’t so bad.

I’m in Longview for my brother David’s memorial service. On a visit with him here in August, he showed me an online community devoted to sharing information about cancer treatment. It was a real online community that made a difference and I was very glad to see the important contributions he made.