i-eclectica.org

I’ve just come back from Adelaide (the latter explaining the lack of postings for the last few days), and I had decided to do something this morning I already wanted to do before my trip: check out Wuala - which I will in a tic . Going to YouTube though, I found this little clip - on a movie called “Hard Walk”, to be released in the States on December 21. I’m sure it’ll come to Australia, like most questionable Hollywood production warez. “Walk Hard” is a parody of the biopic genre, and mainly caricaturises the 2005 film, “Walk the Line” (which documented the life of Johnny Cash), following the fictional character Dewey Cox as he eventually gets caught up in the fame of rock and roll. The film contains a lot of references to other biopics, such as those of Jimi Hendrix and Marilyn Monroe; even the movie’s poster is a reference to the “young lion” photos of Jim Morrison. Despite my suspicion that the movie will be crap, I nevertheless quite like this song and its undertones …

[via Dare Obasanjo aka Carnage4Life] - Facebook just sucks!

Facebook Beacon is Unfixable

Earlier this week I wrote a blog post which pointed out that the two major privacy and user experience problems with Facebook Beacon where that it (i) linked a user’s Facebook account with an account on another site without the users permission and (ii) there was no way for a user to completely opt out of being tracked by the system. Since then Facebook has announced some changes which TechCrunch named Facebook Beacon 2.0. The changes are excerpted below

Notification

Facebook users will see a notification in the lower right corner of the screen after transacting with a Beacon Affiliate. Options include “No Thanks” that will immediately stop the transaction from being published. Alternatively closing or ignoring the warning won’t immediately publish the story, but it will be put in a queue

Second Warning

Presuming you’ve ignored or closed the first notification, Facebook warns users again the next time they visit their home page. A new box reminds you that an activity has been sent to Facebook. Like the first notification you can choose to not publish the activity by hitting remove, or you can choose to publish it by hitting ok.

…

Opt Out
Found via the “External Websites” section of the Facebook Privacy page, this allows users to permanently opt in or out of Beacon notifications, or if you’re not sure be notified. The downside is that there is no global option to opt out of every Beacon affiliated program; it has to be set per program. Better this than nothing I suppose.

The interesting thing to note is that neither of the significant problems with Beacon have been fixed. After the changes were announced there was a post on the CA Security Advisory blog titled Facebook’s Misrepresentation of Beacon’s Threat to Privacy: Tracking users who opt out or are not logged in which pointed out that the complaining about purchase history getting into the news feed of your friends is a red herring, the real problem is that once a site signs up as a Facebook affiliate they begin to share every significant action you take on the site with Facebook without your permission.

Which is worse, your friends knowing that you rented Prison Girls or Facebook finding that out without your permission and sharing that with their business partners, without your permission? Aren’t there laws against this kind of invasion of privacy? I guess there are (see 18 U.S.C. § 2710)

I wonder who’ll be first to sue Facebook and Blockbuster?

Anyway, back to the title of this blog post. The problem with Facebook Beacon is that it is designed in a way that makes it easy for Facebook Beacon affiliates to integrate into their sites at the cost of user’s privacy. From Jay Goldman’s excellent post where he Deconstructed the Facebook Beacon Javascript we learn

Beacon from 10,000 Feet

That basically wraps up our tour of how Beacon does what it does. It’s a fairly long explanation, so here’s a quick summary:

1. The partner site page includes the beacon.js file, sets a <meta> tag with a name, and then calls Facebook.publish_action.
2. Facebook.publish_action builds a query_params object and then passes it to Facebook._send_request.
3. Facebook._send_request dynamically generates an <iframe>which loads the URL http://www.facebook.com/beacon/auth_iframe.php and passes the query_params. At this point, Facebook now knows about the news feed item whether you choose to publish it or not.

When you read this you realize just how insidious the problem actually is. Facebook isn’t simply learning about every action taken by Facebook users on affiliate sites, it is learning about every action taken by every user of these affiliate sites regardless of whether they are Facebook users or not.

At first I assumed that the affiliates sites would call some sort of IsFacebookUser() API and then decide whether to send the action or not. Of course, this is still broken since the affiliate site has told Facebook that you are a user of the site, and depending on the return value of the hypothetical function the affiliate in turn learns that you are a Facebook user.

But no, it is actually worse than that. The affiliate sites are pretty much dumping their entire customer database into Facebook’s lap, FOR FREE and without their customers permission. What. The. Fuck.

The icing on the cake is the following excerpt from the Facebook Beacon page

Stories of a user’s engagement with your site may be displayed in his or her profile and in News Feed. These stories will act as a word-of-mouth promotion for your business and may be seen by friends who are also likely to be interested in your product. You can increase the number of friends who see these stories with Facebook Social Ads.

So after giving Facebook millions of dollars in customer intelligence for free in exchange for spamming their users, Facebook doesn’t even guarantee their affiliates that the spam will even get sent. Instead these sites have to pay Facebook to “increase the chances” that they get some return for the free customer intelligence they just gave Facebook.

This reminds me of the story of Tom Sawyer tricking people into paying him to paint a fence he was supposed to paint as part of his chores.

At the end of the day, Facebook can’t fix the privacy problems I mentioned in my previous post in a way that completely preserves their users privacy without completely changing the design and implementation of Facebook Beacon. Until then, we’ll likely see more misdirection, more red herrings and more violations of user privacy to make a quick buck.

My good mate Harry found this video on Random Good Stuff. I like the idea of proving that anybody can dance, and I also like that it can be see as continuing a tradition that is probably almost totally forgotten (except by my vaguely). During the early days of the Russian revolution artists, especially those previously linked to Futurism, tried out all kinds of amazing things to push artistic boundaries. Given the fascination those guys had for industrialisation, one then famous composer wrote a symphony for sirens and other factory elements (can’t remember, maybe chimneys and/or cranes) and he conducted it from some lofty point above a factory. I wonder whether he would have shared some artistic passions with the choreographer of the excavator ballet …

Art: Edward Hopper

Whether oil scarcity is a result of peaking or plateauing, one affected sector not on many people’s minds is health care. Orion magazine published an article on the issue in its July/August edition under the title “Medicine After Oil” in which Daniel Bednarz not only highlights the important role oil plays in our Western health care system but also proposes a new system for a world after oil dependence.

“Petrochemicals are used to manufacture analgesics, antihistamines, antibiotics, antibacterials, rectal suppositories, cough syrups, lubricants, creams, ointments, salves, and many gels. Processed plastics made with oil are used in heart valves and other esoteric medical equipment. Petrochemicals are used in radiological dyes and films, intravenous tubing, syringes, and oxygen masks. In all but rare instances, fossil fuels heat and cool buildings and supply electricity. Ambulances and helicopter “life flights” depend on petroleum, as do personnel who travel to and from medical workplaces in motor vehicles. Supplies and equipment are shipped—often from overseas—in petroleum-powered carriers. In addition there are the subtle consequences of fossil fuel reliance. A recently retired doctor [informed Bednarz], “In orthopedics we used to set fractures mostly by feel and knowing the mechanics of how the fractures were created. I doubt that many of the present orthopedists could do a good job if you took away their [energy-powered] fluoroscope or X-ray.”

America has a shocking health system, with premium (”Ferrari”) care provided to those who can afford it, and a “jalopy model” serving the over 50 million un- and underinsured who very often receive no treatment, defer treatment until their condition cannot be ignored, or face economic ruin when they seek adequate care. With rising prices for oil, this number will swell, moving health care more and more out of reach for ordinary citizens - and not just in the US. Worldwide people in the so-called developed world could join ranks with those in the majority world and experience ill health in epidemic proportions.

The solution Bednarz promotes is an obvious one: moving away from treatment medicine to giving priority to public health strategies, in particular prevention of disease and promotion of health within the population as a whole. “Typically accomplished through the diffusion of information, low-cost therapies, and the promotion of healthful nutrition and lifestyle, preventive medicine allows people to avoid or postpone disease, and to stay clear of the costliest and most energy-intensive sectors of the medical system—doctors’ offices, pharmacies, and the hospital.”

Unlike the much more elitist treatment based model, public health care is “inherently egalitarian - if the entire community is not protected, then no one’s health is assured”. In addition: even though public health is overburdened and underfunded (receiving in the US about 5 percent of health-care dollars, with the balance going to treatment medicine and to biomedical research), it nevertheless exists and does not have to be reinvented. “Public health workers, for example, educate about and test for HIV/AIDS and other sexually transmitted diseases; they interdict infectious diseases like avian flu; they create emergency plans to deal with a variety of disaster scenarios; they monitor waste management and air and water quality”. All that is needed to meet the health-care challenges of the coming energy transition, or, for that matter, those of climate change, is to re-prioritise health policy strategies.

The question that Bednarz doesn’t address though in this context is how the medical establishment will react to such transformation. He mentions some ‘public health’ officials are beginning to address possible oil scarcity’s effect on health care, but there is no hint on how such changes would be greeted by the traditional medical establishment that monopolises the health system, with a lot of its privileges, status and defensive ideologies at stake. Such concerns though are based on our current environment; the ‘after-oil world’ will be a totally new one, with very different dynamics, worldviews and also chaos that could lead to all kinds right now unpredictable outcomes. One of those could indeed be a more just and democratic society, one which, amongst other things, successfully promotes health and wellbeing for all people. The latter certainly is Bednarz’s hope - and mine.