I just saw this on Picocool, a site I usually like a lot for its interesting or beautiful geeky little objects.
It’s a padlock for a USB thumb drive, to insert the USB connector into. And it strikes me as a very bad idea. Why? A three-digit code contains only 1000 combinations. If the thief or finder of the drive takes 3 seconds to try out each one of them, the lock can be removed in under 1 hour (1000 * 3 / 60 = 50 min).
Anyone relying on this device to prevent data breaches may be lulled into a false sense of security. If more drives are lost because their owners reduce their vigilance, the net effect may be worse than not securing your flash drive’s business end at all.
So after a week of travelling (to MAAWG in Amsterdam, which was a thought-provoking experience) and several being busybusybusy all around, I finally managed to watch the Google I/O 2009 presentation about the upcoming Google Wave messaging and collaboration platform.
There are three thoughts that this video inspired:
When I first heard about Wave, despite the positive noises from people I trust, I was sceptical: it sounded like something I’d very much enjoy using myself, but as a successor of email for a great number of people? Email may be antiquated, as internet technologies go, yet it is the primary means of addressing messages to those connected to the net — a great number of whom aren’t collaborating on documents or even using IM very much. After watching the presentation, I think this judgment was premature.
To step back a little… Email right now comes in three forms: first, spam; second, what has come to be called “bacn” by some, ie automated but legitimate messages (from post-signup confirmations, via notifications of activities on social networks, to marketing messages and newsletters we opted to receive or that are addressed to us at work); and finally the prototypical email: conversations between real people. The first, we can discount for the moment — no one wants those. For the second, the added value from Google Wave is limited; at most, I might want to annotate such a message for my own use, or link it to my calendar or to-do list (“deadline for signing up to benefit X”, “interesting exhibition at museum Y”). The third is different. If, and from the demo it looks as if Google could pull this off, the user interface is seamless enough, I could indeed see regular people conversing in waves instead of cumbersome email threads. Even better, if, say, Facebook (replace with social platform of choice) messaging threads could be conducted through a Wave client, we’d probably have a winner.
Second thought, if we do think if Google Wave as a potential successor for email, the one central problem that the protocol should be solving is that of spam and abuse. From the limited time I’ve spend with the documents, it seems that the danger of spamming an existing wave is reduced, as each wave carries a globally unique wave id, and messages are transmitted encrypted. What about starting a new wave though? How would one wave provider authenticate with other wave providers? Maybe someone could point me to the relevant section in the protocol, that woud be great. Then there’s the problem of compromised wave accounts, especially if desktop clients appear on the scene. Last, if Wave accounts with Google are free and tied to Google accounts, there’s a need to become more efficient preventing automated account creation for abusive purposes: Nearly all of the Eggcorn Forum‘s spam problems came from accounts registering with a Gmail address, who managed to navigate the confirmed registration process just fine and were without doubt created by bots.
Two short segments in the video particularly piqued my interest: automated translation — on the fly — between 40 languages? Google Translate has become much better over the last two years or so, and it would be great to run some large-scale quality checks on translation features. Oh and that spellchecker, which is the first I’ve ever seen to take context into account. Maybe Google would be interested in throwing eggcorns into the spellcheck-heuristics mix? [My own spellchecker, untrained and brand-new, just complained about “aren” … in “aren’t”. Sigh.]