Silent Circle: mobile phone privacy

Privacy being what it is today, people rarely think to themselves: what will Google and Apple do with all of this smartphone data? If you think its benevolent, I’d have a hard time agreeing. Though that hasn’t stopped me from having a smartphone for work purposes, it does cause me to pause sometimes. (and keep my GPS functionality turned off 99% of the time)

CNet ran an article about Silent Circle, which seems like an interesting subscription service founded by an ex-PGPer.  (not that Vindicia doesn’t have some of our own: here, here, and here)

Zimmermann’s new company, Silent Circle, plans to release a beta version of an iPhone and Android app in late July that encrypts phone calls and other communications. A final version is scheduled to follow in late September.

This time around, Zimmermann is facing not the possibility of prison time on charges of violating encryption export laws, but a more traditional challenge: convincing would-be users that protecting their privacy is worth paying Silent Circle something like $20 a month.

* * *

Silent Circle’s planned debut comes amid recent polls suggesting that Internet users remain concerned about online data collection (or at least are willing to tell pollsters so), with Facebook topping health insurers, banks, and even the federal government as today’s No. 1 privacy threat. Yet even after a decade of startups that have tried to capitalize on these concerns, consumers spending their own money remain consistently difficult to persuade that paying for privacy is worth it.

Of course, if you ask me, Facebook isn’t the thing that scares me most.  It’s the Googleplex and now the rising Appleplex.  Either way, having an encrypted service would be great.  Anyone remember  It’s long gone, but in my mind, having a nice service for the smartphone to protect my data from Google and Apple is a welcome thing.


An ISP Centered on Consumer Privacy: sign me up!

News is making rounds on the internet about an ISP that is dedicated to consumer privacy called the Calyx Institute.  (and it’s aiming to be a 501(c)(3) non-profit, which is very cool)  In their very own words:

Imagine… a telecommunications company that prioritizes privacy over profits. The Calyx Institute is poised to turn this prospect into reality by launching the first not-just-for-profit telephone and Internet service as part of its research into privacy technology. Calyx’s charter directs it to use all legal and technical resources available to protect the rights of its constituents and customers.

I don’t know about you, but that sounds extremely interesting.  Why?  Because it seems like more and more, privacy and data ownership/usage is the big thing for internet, media, and telecom.  Google has vast treasure troves of data.  Now of course, so does each ISP–and its even more personal than Google’s treasure trove because an ISP can actually log a lot more activity.  The thought that an ISP could not only use it for marketing (fair game for most privacy policies), but for monitoring and providing it to third parties like the government…  or other governments?  That can make a lot of people suffer from mild paranoia.

So as you can tell, this is very interesting and I am excited.  I note that two of the board members have involvement with the Tor project, something that used to be great for circumventing the Great Firewall.  And here are some excerpts from CNet about the organization and its founder, which I think very fascinating:

Nicholas Merrill is planning to revolutionize online privacy with a concept as simple as it is ingenious: a telecommunications provider designed from its inception to shield its customers from surveillance.

Merrill, 39, who previously ran a New York-based Internet provider, told CNET that he’s raising funds to launch a national “non-profit telecommunications provider dedicated to privacy, using ubiquitous encryption” that will sell mobile phone service and, for as little as $20 a month, Internet connectivity.

The ISP would not merely employ every technological means at its disposal, including encryption and limited logging, to protect its customers. It would also — and in practice this is likely more important — challenge government surveillance demands of dubious legality or constitutionality.

Merrill is in the unique position of being the first ISP exec to fight back against the Patriot Act’s expanded police powers — and win.

That prospect doesn’t exactly please the FBI. Last year, CNET was the first to report that the FBI warned Congress about what it dubbed the “Going Dark” problem, meaning when police are thwarted in conducting court-authorized eavesdropping because Internet companies aren’t required to build in back doors in advance, or because the technology doesn’t permit it. FBI general counsel Valerie Caproni said at the time that agents armed with wiretap orders need to be able to conduct surveillance of “Web-based e-mail, social networking sites, and peer-to-peer communications technology.”

But until Congress changes the law, a privacy-first ISP like Calyx will remain perfectly legal.

I’d be tempted to sign up for mobile service once they actually go live.



Data, domain knowledge, and philosophical inquiry

There’s been some really fun debate on the internet due to this little debate at Strata that Michael Driscoll moderated. For those of you who don’t want to read Michael’s post, here is the controversial topic: “In data science, domain expertise is more important than machine learning skill.”  The blog post then goes onto to argue that both are important, but shows how results can lead audiences toward machine learning.  I do find it fascinating and very useful in one sense, not because I want to take sides, but because I think this starts opening the door to actual inquiry into what is knowledge, what is useful knowledge, what is merely information, etc.

Our CEO shared this great link from Paul Miller entitled “Hubris and the Data Scientist“, which I think does a great job breaking down the debate from a larger framework.

This is an extremely worrying attitude, and I can only hope that those who hold it realise the error of their ways before they make a catastrophic mistake that adversely affects the rest of us.

Data scientists are an increasingly capable bunch, and the tools at their disposal sometimes appear almost magical in their capability to derive insight. * * *

But to suggest that simply “letting the numbers speak for themselves” is an effective way to make real decisions is, quite simply, bonkers. Data is merely one input to an effective decision making process. Prior knowledge, policy considerations, and an awareness of experimental bias, sampling error, and quaint notions such as ground truth continue to play a fundamental part.

In responding to Brockmeier’s post, Strata co-chair Alistair Croll also makes an important point: “Of course, understanding which data to apply to a problem, and when to listen to the numbers, is a nuanced thing.”

* * *

Data Science — and the data scientist — are here to stay, and they bring tremendous value with them. But they’re an adjunct to domain knowledge, not a replacement for it.

Paul makes great observations: first, that you need knowledge and expertise to actually use data properly.  I strongly agree with that.  What good are numbers if they are not targeted properly?  (Or provocatively, like if you read Freakonomics or Outliers)  It takes expertise or at least interest (with some knowledge) to ask the right questions for which you can use data to do interesting things.  Otherwise, you just information–you don’t know knowledge.  (Alistair Croll’s point)

Backing up even one more step, I like to throw out this idea: what is “expertise”?  “Science”?  For all the way we use them, these are actually terms that are loosely defined, if at all, and not with a lot of precision.  Results and data (information) can be supremely interesting in testing out the posits of science or expertise.  And so they become an interesting tool to dismantle “expertise” when used properly.  But these end up being tools to ask the deeper question of what is knowledge, expertise, science, etc.

And you know what?  The best place at that point isn’t the data or the expert or the scientist.  It isn’t audience polls.  The king of such inquiry inquiry is actually the philosopher.  I don’t claim to be one, by the way–just find the field quite fascinating.  Because philosophers don’t even have a great working definition for “science”.  Philosophers debate and argue about knowledge in its most fundamental sense, and as such, every other debate (such as the one about data/machine learning vs. domain expertise/science).  We don’t need polls.  We need more philosophers to properly unravel this question.  (I’ll bet they probably have, it’s been over a decade since I’ve taken a philosophy course)

Epistemology is a great place to start this debate, not by polling the audience.


1 Comment

Thoughts on Downtime

A lot of downtime all over the place.  You know all about the Verizon mobile data downtime for example….  okay, if you don’t, I surely do since the 4G and 3G outages have been pretty annoying.  You know what?  It actually is hard to keep your systems running properly.  Besides, its easier to come close to the SLA and then ask for people to request credits, rather than running a bulletproof system.

Of course, downtime when it comes to your billing solution–ouch.  Double ouch.  I know it’s not professional to do this, but I’ve been stunned by the recent rash of outages in the SaaS billing world.  Why not try herehere (too), here, and here (hidden), to check out a few.

Not to mention that many of our main competitors take their systems down once a month for simple patches claiming its for “functionality”.  Yes and no.  It is, but that’s also because they haven’t architected a system that can handle updates without going down.  Subscription economy…  or subscription roadblock?  You decide.  But just remember…  even 40 minutes of downtime can be a million dollar mistake.

And that’s just billing.  Imagine if your entire infrastructure lived in the cloud?  Scary thought indeed.



Thoughts on Uptime

At Vindicia, we pride ourselves on our 99.99% uptime guarantee.  Sanjay Sarathy, Vindicia’s SVP of Marketing, has a great post here about uptime.   Here is a great excerpt:

Here are the differences between the two uptime SLAs at a monthly level, courtesy Wikipedia:

99.9% = 43.2 minutes downtime

99.99% = 4.32 minutes downtime

The difference of nearly 39 minutes a month might not seem like a big deal.  However, if you are an online merchant that is going through a huge Christmas surge, that hypothetical downtime would create a significant business loss.  For example, if one of our clients would have experienced the additional downtime during their heaviest signup period in 2011, they would have lost over 50,000 new customers in that 39 minute span.  This is especially relevant because it is more likely that there would be a downtime during an extended peak surge.

If each customer is worth $20 that first year, that’s a million dollar mistake.

Of course this matters for your business.  Let me reiterate: million dollar mistake.  We do pretty well against our SLA’s.  Wherever you go, ask them to prove that they can back their uptime guarantee or you’re stuck with empty promises and service credits.  If you can get their track record over the course of a year or two, that’s good information to have.

Update 3/20: looks like Aria is claiming they have 99.99% uptime for the year…  (it’s only March)  But on closer inspection that last year, they had three 9’s.  (99.9%)  Seems a little disingenuous to me to tout 99.99% when they aren’t fulfilling it…  and I highly doubt they are guaranteeing it.  Vindicia actually offers an SLA with four 9’s.  Apples to oranges.



Yes, I got majorly hacked in the past, so I am starting from scratch. That means all other posts and baby stuff (all of my Vimeo videos) have been wiped out. Sad.  So I am starting from scratch with my bio on the About page and then will rework this site as I have time.

Stay tuned for more.