Profile cover photo
Profile photo
Daniel Erat
Communities and Collections
View all

Post has shared content
This post by Kenton seems fitting to reshare as my final public post to Plus (at least for the foreseeable future).
Rant:  Google doesn't understand the difference between privacy and access control.

The designers of Google+ seem to think that access control (e.g. sharing only with certain circles) is the only legitimate way to achieve privacy.  If you say or do something "publicly", then it is fair game for Google to cross-post that content anywhere and everywhere.

- A post related to a new story may appear on Google News next to related articles.  (For example, multiple times, I have posted publicical ramblings that appeared right at the top of Google News' front page.)
- If you +1 something, that fact may appear as an item in your friends' streams.
- If you post a comment on a public YouTube video or a G+-enabled blogger post (, that comment appears in your G+ stream as if you had posted it directly to G+.
- If you post a YouTube video or a G+-enabled blogger link to G+, your post appears as a comment on the video / blog post.

Let's analogize this to the real world.

Consider the following locations:
- A crowded public beach.
- A public clothing-optional bath house, where most (but not all) of the people present are your friends.
- A hot spring in a public park in the middle of the wilderness, far from any signs of human civilization.

All of these places are public.  Are you equally likely to get naked at all of them?  If you got naked at one of them, and Google took pictures and cross-posted them to other locations, would you be cool with that?  After all, they are all public.  Absolutely anyone could walk into any of these places at any time, if they so chose.

When it comes to privacy, context matters.  Security by obscurity is a bad idea, but privacy by obscurity is in fact exactly how privacy usually works.  Expecting people to implement all privacy via hard security is unrealistic and misunderstands the point.

I understand what Google is trying to do with Youtube and other things.  I'd certainly rather see my friends' comments on a Youtube video than those of random internet goons.  But if G+ wants to do this, they need to give users control over it.  For example:
- When I post on G+ about a Youtube video, there could be a checkbox for "cross-post to Youtube comments".  This checkbox could default on, but it has to be there.
- When G+ decides that it would like to feature one of my posts on Google News, it could give me a notification saying "We'd like to feature this on Google News!  Is that OK?  yes/no".  I bet they'd get enough "yes" responses, quickly enough, that they'd still have plenty of content to choose from.

The current approach of simply reposting user-generated content wherever the hell Google wants without permission is going to alienate people, leading them to stop posting publicly (unfortunate, since it makes G+ much less interesting) or leave G+ altogether.

I complained about this when I was an employee there, but the people making the decisions didn't listen.  They told me "public is public; if you don't like it, post privately".  I don't want to post privately.  I want people I don't know to be able to find and follow me.  I just don't want my content showing up in contexts I don't expect.

EDIT:  PS.  As a successful example of non-security privacy on the web, consider robots.txt.  robots.txt does not implement any kind of security whatsoever, but it does implement privacy by preventing search engines from indexing your content and including it in search results, and lots of people (including myself) use it for exactly that purpose.

EDIT2:  Keep in mind that we're not talking about "can", we're talking about "should".  Yes, Google technically and legally can do whatever it wants with my content.  That's not the point, though -- I'm saying they shouldn't.  This is a major difference between security and privacy -- security governs "can", privacy governs "should".  Privacy is thus very nebulous and can be hard to grasp, particularly for engineering and security researcher types.  Like myself: two or three years ago, I totally thought that this approach was legit, and then one day my random political ramblings showed up at the top of Google News and I had an epiphany.
Add a comment...

Post has attachment
I was about to link to this as a story of the triumph of science: to fight macular degeneration, researchers race to create drugs that inhibit the growth of blood vessels. Several seem promising, but then, surprise: an existing drug that has already been FDA-approved to treat colon cancer (bevacizumab, better known as Avastin) turns out to be just as good for treating macular degeneration as the new drugs, but at 1/40 of the cost!

But it actually just turns out to be a story about Genentech being evil:

The situation was unprecedented. Genentech had created Lucentis, a spectacularly effective and expensive drug for wet ARMD. This was a win for patients and stockholders, but sales were undercut by competition from a cheap, off-label competitor. Ironically, the cheap competition was their own drug, Avastin. The availability of cheap Avastin significantly impacted the sales of Lucentis. The great Avastin vs. Lucentis debate was born. One was more likely to read news about macular degeneration treatments in the business section of the newspaper than the science or medicine sections.

The New York Times reported a secret program instituted by Genentech that provided financial incentives to high-volume prescribers of Lucentis. The contract physicians signed to participate in the program stipulated that the agreement was confidential.

Genentech also announced their intent to stop selling Avastin to compounding pharmacies, a move that would shut down access of most physicians (and patients) to the less-expensive option. Genentech said the move was out of concern for the safety of patients. Ultimately, they backed down from their decision under heavy pressure from professional organizations of ophthalmologists.
Add a comment...

Post has attachment
Sad to see finally coming to an end.
Add a comment...

Post has shared content
The packet capture shown in these new NSA slides shows internal database replication traffic for the anti-hacking system I worked on for over two years. Specifically, it shows a database recording a user login as part of this system:

Recently +Brandon Downey, a colleague of mine on the Google security team, said (after the usual disclaimers about being personal opinions and not speaking for the firm which I repeat here) - "fuck these guys":

I now join him in issuing a giant Fuck You to the people who made these slides. I am not American, I am a Brit, but it's no different - GCHQ turns out to be even worse than the NSA.

We designed this system to keep criminals out. There's no ambiguity here. The warrant system with skeptical judges, paths for appeal, and rules of evidence was built from centuries of hard won experience. When it works, it represents as good a balance as we've got between the need to restrain the state and the need to keep crime in check. Bypassing that system is illegal for a good reason.

Unfortunately we live in a world where all too often, laws are for the little people. Nobody at GCHQ or the NSA will ever stand before a judge and answer for this industrial-scale subversion of the judicial process. In the absence of working law enforcement,  we therefore do what internet engineers have always done - build more secure software. The traffic shown in the slides below is now all encrypted and the work the NSA/GCHQ staff did on understanding it, ruined.

Thank you Edward Snowden. For me personally, this is the most interesting revelation all summer.
Add a comment...

I am kinda in awe of both mayor Rob Ford and the electorate of Toronto:

According to a poll by Forum Research, Ford’s approval rating rose by 5 percentage points to 44 per cent following a press conference in which police Chief Bill Blair revealed that police seized a hard drive containing a video "consistent with what has been described in the media." i.e. it apparently depicts Ford smoking crack cocaine

Interactive timeline of his glorious career as mayor: is also pretty great:

In June 2006 Ford came under fire for making a controversial remark during a Council meeting. During the meeting Ford spoke out against the city donating $1.5 million to help prevent AIDS. Ford argued that most tax payers should not be concerned with AIDS because "If you are not doing needles and you are not gay, you wouldn't get AIDS probably, that's bottom line...those are the facts." After then Mayor David Miller pointed out that women are the largest growing demographic of people contracting AIDS, Ford responded that it must mean 'they are sleeping with bi-sexual men'.

On March 7, 2007, Ford made controversial comments about cyclists' use of the roads, saying, "What I compare bike lanes to is swimming with the sharks. Sooner or later you're going to get bitten... Roads are built for buses, cars, and trucks, not for people on bikes. My heart bleeds for them when I hear someone gets killed, but it’s their own fault at the end of the day." On May 25, 2009, Ford said, "It's no secret, okay. The cyclists are a pain in the ass to the motorists." As councillor, Ford opposed the installation of bike lanes on University Avenue and Jarvis Street and during his election campaign proposed spending money on off-road cycle paths. Although lanes were installed on Jarvis in 2010, Ford made it a priority to get them removed, and as mayor, was able to get council to reverse the decision in 2011, a move which was criticized by cycling advocates and led to protests.

At a council meeting on March 5, 2008, Ford said, "Those Oriental people work like dogs. They work their hearts out. They are workers non-stop. They sleep beside their machines. That's why they're successful in life. I went to Seoul, South Korea, I went to Taipei, Taiwan. I went to Tokyo, Japan. That's why these people are so hard workers (sic). I'm telling you, the Oriental people, they're slowly taking over." The comments led to a sit-in at City Hall. Ford later apologized for using the term "orientals", but stood by his remarks, claiming that they were meant as a positive assessment of their work ethic.


It's been alleged that he's a drunk-driving enthusiast, too.
Add a comment...

Post has attachment
It's impossible for me to imagine the Bogotá progressive-transit measures that this article describes (hundreds of miles of new cycle paths, a ban on commuting by car more than three days a week, several day-long bans on automobiles) happening in San Francisco. Wikipedia has an unattributed claim that private car ownership is under 27% in Bogotá (and I'm assuming it's divided along class lines), which probably made these policies much easier to enact.

I object to some degree with the article's rosy portrait of bicycle commuting. Living in a city with poor cycling infrastructure, I find it to be far more stressful than walking or driving, particularly during rush hour.
Add a comment...

Seeing a mention of "safety bicycles"[1] while finally reading Erik Larson's The Devil in the White City elicits a sudden urge to try riding a boneshaker or a penny-farthing. Obsolete technology appears to cost a thousand bucks, though.[2] There are weird bikes at Tour de Fat, but the line is always long and this year's event occurred on a rainy day.

1. As I understand it, century-old terminology for a bicycle with a rear-wheel drivetrain and a low center-of-gravity due to equally-sized wheels, i.e. every bike nowadays except recumbents.

Add a comment...

Post has attachment
Great postcard reward from the DNA Lounge parklet kickstarter (

(No, I don't know why I apparently stripped and re-stained my desk between taking these two photos with my phone either. Must've been bored.)
1 Photo - View album
Add a comment...

Post has attachment
Dr. Yorke-Davies was known for creating strict personal diet plans for his patients. In a relationship sustained entirely by mail, he advised Taft to lose at least 60 to 80 pounds.

Meals were to be eaten at certain times and meats were to be weighed. Taft was to eat a small portion of lean meat or fish at every meal, cooked vegetables at lunch and dinner (no butter), a plain salad, and stewed or baked fruit (unsweetened). He got a single glass of “unsweetened” wine at lunch. The doctor also allowed his own diet product, gluten biscuits, that were produced to his specifications in London. Taft bought them and had them shipped to the United States.

Taft tried to adhere to the program and also employed a personal trainer, known at the time as “a physical culture man.”

By April 1905, six months after he first wrote to the doctor, Taft had lost 60 pounds. But even though people told him he looked good, he was “continuously hungry,” he wrote the doctor.

Taft began to gain back the weight and stopped writing to the doctor, who asked Taft’s friends and family what was going on. After learning Taft had regained 19 pounds, he told Taft he needed to return to his diet program or “in another three or four years you will be almost back to your original weight.”

By the time Taft was inaugurated as president in 1909, he had indeed regained all he had lost, and more, weighing 354 pounds.
Add a comment...

Post has shared content
By the spring of 2011, almost six years after he’d signed on, Senior Airman Brandon Bryant left the Air Force, turning down a $109,000 bonus to keep flying. He was presented with a sort of scorecard covering his squadron’s missions. “They gave me a list of achievements,” he says. “Enemies killed, enemies captured, high-value targets killed or captured, stuff like that.” He called it his diploma. He hadn’t lased the target or pulled the trigger on all of the deaths tallied, but by flying in the missions he felt he had enabled them. “The number,” he says, “made me sick to my stomach.”
Add a comment...
Wait while more posts are being loaded