Thursday, September 22, 2016

My Response To People Trying To Sell Me Email Lists of Corporate Users

If you are in the business of technology like I am, you probably get the random emails from people trying to sell contacts from leading technology companies. They are usually pretty savvy at getting past SPAM filters and are persistent at trying to sell the information of leading companies from SalesForce, Microsoft, Amazon, and pretty much any other company out there.

Like most of the SPAM in my inbox, I just flag and move on, which I have done with these types of emails, but they keep coming, so I crafted a template email to send back to them, like I do with many of the solicitations I get (I have a folder of templates).

Thank you for your unwanted solicitation. I hope you are doing well (I do not care, but this is what you do right?) I'm in the business of being a human in the technology space, not making a profit off of selling other people's information, but hell there is good money in it right?

Would you be interested in buying the contact information of people who sell other people's contact information? You see, I track the IP address and other details of every email I receive trying to sell me contacts. I then conduct research on who they are, discovering their name, home address, phone number, and where their children go to school.

If you think this is a good thing to do, and would like to buy these from me, please send me $$$$. Cause I'm greedy bitches. Please go the fuck away and get a life.

Sincerely,

Kin Lane

I'm sure many of these people are just poor people doing the bidding of some pretty sleezy people who think this is a good business idea. I can't help but push back, especially when they get through the filters and take moments of my time away. Even though it is just seconds, it is still my valuable time.

I know that not everyone can find employment that is ethical and worthy of being proud of, but maybe I can scare a handful of folks to look for employment elsewhere, and move on. If not, at least I'm having fun, and I feel a little better.



from http://ift.tt/2cOJ1Bc

Tuesday, September 6, 2016

Keeping Things Static With My Public Presence To Reduce Security Friction

I've been pretty vocal about running the API Evangelist network of sites on Github Pages, ever since I first started doing it back in January of 2013. Back then I was just playing around with the concept, but in 2016 my entire public presence runs on Github Pages.

There are several reasons I do this, starting with the simplicity of static website solutions like Jekyll, something that quickly evolves when you marry with the social approach to managing code that is Github. I like managing my sites this way, but the primary reason I migrated to this setup was because of security. After a couple of online events where I stepped up to defend my girlfriend Audrey Watters (@audreywatters) I woke up to all of my sites being down, by some friendly hacker.

I admit I don't have the best security practices. I have the skills to do it, but everything I do is public, so security is really not a concern. I just don't want my shit taken down by someone, or have my readers experience an outage. I got backups of things up the wazoo, in three different locations, including a nuclear missile silo in Nebraska. I can restore and rebuild at any point, but I don't like people taking my sites down just because they disagree with me. 

So I moved everything to run on Github a couple years ago. I'll outsource my security to them. All of my API industry research projects have a JSON core, driving the data, content, and API definitions for the APIs I create and keep an eye on--often times there are code samples, libraries, and other open tooling as well. So I'd say that my "websites" meet the criteria of being a worthy project for hosting on Github Pages. All of my research, except what ends up in a PDF, is meant to be open, forkable, and remixable--so Github just works for me.

With this move to being static my world became a dynamic push, instead of a dynamic pull, which significantly reduces the attack surface area for hackers--well except for the part where Github is hosting my sites, and I'm outsourcing security to them. At least it isn't my responsibility, plus I get the network effect of being on Github. When this is coupled with CloudFlare for my DNS, and offloading my DNS security to their experts, I figure I'm coming out ahead when it comes to securing my public presence, and what is most important to me--my research.

I still have my administrative API monitoring system (which is dynamic), something I will be working to further localize on my workstation, and a local server--it doesn't need to be on the Internet all the time. Then, all that is left then is my API stack--a stack of simple web APIs that help me operate the API Evangelist network. I will have to secure my APIs, but it dramatically reduces the publicly available surface area I have to defend, something that helps ensure my static presence will always remain available--even if my APIs go away.

In the current online environment I am not one to pull back from using the cloud after all I have invested in it, but with the volatility that lies ahead, it makes sense to keep my surface area defined, including all domains, and 3rd party services, and reduce the size of it at every turn. When possible, it also makes sense to go static, something that I'm seeing reduce a lot of friction and concern for me when it comes to maintaining my very public online existence.



from http://ift.tt/2bRBHmP

Friday, September 2, 2016

People Telling Me Markets Will Work Things Out And I Should Not Complain

When I am working to push back on various aspects of the API space, one of the ways people feel they need to push back on me is to tell me that I shouldn't be getting all worked up about it--that markets will work things out. Aside from this being a silly argument about something that I don't really acknowledge as a reality (markets do not work themselves out), I am endlessly fascinated how people wield this like markets are something over there, that does not include me (us). 

I'm pretty confident that markets include me. I'm pretty sure that I (the individual) can have an influence over market outcomes. I think this concept is a tool that the market players equip the sleeping masses with, to keep the average citizen out of the way so that they can profit from market activity unencumbered. We all have a role to play in markets, and my self-appointed role is to help influence the portion of markets being touched by the Internet, and specifically API technology.

If you tell me that "markets will work things out" in the course of our engagement in the API space, you just labeled yourself as being pretty simplistic in your views of how markets and the world works. You just put yourself in the bucket of people who consciously or sometimes unconsciously work on behalf of the "machine" to keep the world compliant, and being good consumers. I'm in the bucket over here, where I believe that markets need constant evaluation, discussion, and push back to make sure they are looking out for humans--which is something I will be working to do until I am dead and buried.



from http://ift.tt/2c0Whza

Thursday, September 1, 2016

Real Time Is Often More About What They Desire Than What We Want

There are many definitions of what exactly constitutes "real time". I find it is a very relative thing, depending on who you talk to. When asked, many will respond with push notifications as an example. Others immediately think chat and messaging. If you are talking to developers they will reference specific technology like XMPP, Jabber, and WebSockets.

Real time is relative. It is relative to the situation, and to those involved. I'd say real time also isn't good by default, in all situations. The need for real time might change or evolve, and mean different things in different industries. All of this variance really opens up the concept for a lot of manipulation and abuse.

I feel like those who are wielding real time often speak of the benefits to us when in reality it is about real time in service of what they desire. They want a real time channel to you so they can push to you anytime, and get the desired action they are looking for (ie. click, view, purchase). In this environment, the concept of real time quickly becomes just noise, distraction, and many other negative things--rendering real time to just often being a pretty bad idea. 



from http://ift.tt/2bEWWcw

Tuesday, August 23, 2016

Fine tuning My Real Time For Maximum Efficiency

I am working hard to fine tune my world after coming back from the wilderness this summer. Now that I'm back I am putting a lot of thought into how I can optimize for efficiency, as well as for my own happiness. As I fire back up the old API Evangelist machine, I'm evaluating every concept in play, a process being used, and tool in production, and evaluate how it benefits me or creates friction in my world.

During the next evolution of API Evangelist, I am looking to maximize operations, while also helping to ensure that I do not burn out again (5 years was a long time). While hiking on the trail I thought A LOT about what is real time, and upon my return, I've been applying this to reverse engineering what is real time in my world, and fine tuning it for maximum efficiency and helping me achieve my objectives.

As I had all the moving parts of real time spread out across my workbench, one thing I noticed was the emotional hooks it likes to employ. When I read a Tweet that I didn't agree with, or read a blog post that needed a rebuttal, or a slack conversation that @mentioned me--I felt like I needed to reply. When in reality, there is no reason to reply to real time events, in real time. This is what it wants, not always something you want.

I wanted to better understand this element of my real time world, so I reassembled everything and set back into motion--this time I put a delay switch on ALL responses to real time events across all my channels. No matter how badly I wanted, I was forbidden to response within 48 hours to anything. It was hard at first, but I quickly began to see some interesting efficiency gains and a better overall psychological well-being.

Facebook, Twitter, Github, and Slack all were turned off and only allowed to be turned on a couple times a day. I could write a response to a blog post, but I wouldn't be allowed to post it for at least two days. I actually built this delay switch into my world, as a sort of scheduling system for my platform, which allows me to publish blog posts, Tweets, Github commits, and other pushes that were often real time, using a master schedule.

After a couple of weeks my world feels more like I have several puppets on strings, and performing from a semi-scripted play. Where before it felt the other way around, that I was a puppet on other people's strings, performing in a play I've never seen a script for.



from http://ift.tt/2bKFRJr

Monday, August 22, 2016

The Blockchain As An Economic Engine For The Cybersecurity Industry

I am slowly getting back into the routine of doing my weekly roundups. It has been a while since I published any, even though I regularly do the work. While I was going through this week's roundup of items I curated, I thought some of the blockchain related goings on were particularly interesting.

Not sure about you but I can't help but think that has the makings of a pretty interesting economic engine for the cybersecurity industry. You have government hackers, organized hackers, rando hackers, concerns around having enough talent, investors pouring money into the space, and 1000lb pound gorillas making firing up their digital factories. 

I'm guessing that blockchain and cybersecurity are going to go hand in hand, and be a very lucrative endeavor for a select few.



from http://ift.tt/2bcsgtb

Thursday, August 18, 2016

You Better Collect All The Data Because You Might Need It Some Day

I recently read a couple of articles that focused on the data collection practices of businesses, where the moral of the story was that you should be collecting all the data you possibly can, even if you don't need it because you never know what you'll need in future. This is the popular perspective of a significant portion of the data community, which naturally has transferred to the world of APIs through a natural association.

While this might be tempting, and even seem logical at times, I recommend you stop and think about it deeply. The NSA is employing the approach, and leading tech companies like Google, Facebook, and others are thinking in similar ways. Pretty much saying that if you have all the data, you will have all the knowledge--something that really hasn't ever been proven, remaining a constant fantasy of technologists.

Imagine the person who obsessively collects everything, thinking some day it will be valuable. Often times this is harmless if some of it contained hazardous material (ie. mercury, lead) that may have been considered safe at one point, but now you have large quantities of it--not good, and costly implications. Imagine if, at some point, you cross over some public zoning, safety, and other regulatory areas, without knowing it. Consider how the world has shifted and changed in the last 50 years, and how rapidly things have "seemingly" changed in the last 20 years, when it comes to public opinion--what if opinions on data gathering practices change drastically in the near term future?

With the NSA, and leading tech companies behaving pretty badly with their data collection strategy, pushback from other countries, companies, institutions, and the average citizen has already begun. Do you really want to have EVERYTHING stored in your data warehouses when this happens? Data you can't actually verify that you need actually operate your business? What will your customers, partners, and shareholders think? What will public opinion be of your brands?

I haven't even touched on the security concerns of storing all of this way of data gathering. There are numerous very serious considerations on the table, that should always be included in decision around just exactly what data we gather, store, and what we should just let be lost in the layers of time.



from http://ift.tt/2bqAstv

Tuesday, August 16, 2016

Humans Are Always The Weakest Link When It Comes To Securing Our Bits & Bytes

I added a specific project for aggregating and tracking on vulnerabilities in our online infrastructure, in addition to my existing security and cyber security research. Not all of the vulnerabilities I curate are API specific, but I find it helps increase my overall awareness of security related issues and I find it useful to thinking through the possibilities when it comes web vulnerabilities being applied to APIs. 

Across these three areas of my security research, the one common pattern I see across the security landscape is that the humans are always the weakest link. Almost all of the breaches I read about occur because of some human, being well human, and allows for some often well-known exploit to be penetrated. Hacking systems is less about knowing the tech exploits, then it is about knowing and maximizing the human exploits--as we are always the weakest link.

I use this awareness when I'm evaluating the promise of any security-focused solution I come across. If the solution prescribes more technology, to help us secure the technology we have--I'm guessing it is most likely smoke & mirrors about 95% of the time. If the solution offers something that helps address the human variable in the equation, and augments this reality, making us all more security minded, and ulitmatmely security literate--the chances it will make a difference increases in my opinion.



from http://ift.tt/2aYc58H

Monday, August 15, 2016

Using Github Repos And Jekyll As A Data Store

Github repositories are the heart of all of my API research. Each of the 200+ areas of my research lives as an individual repository, and I publish most of my raw research here as JSON, and YAML--then make it viewable, and explorable using JavaScript and HTML. Github + Github Pages + Jeklyll is what makes all of this possible.

I have been working professionally with databases for over 25 years--I am a database guy. From 1997 through 2007 I was heavily dependent on my SQL Server database(s). From 2007 through 2017 I am heavily dependent on my MySQL database(s). I predict from 2017 through 2022 I will be heavily dependent on my JSON and YAML data stores available via Github and my own server infrastructure.

Using Github repositories as a data store will not replace my central database infrastructure, but it will augment it significantly. Much like dynamically publishing HTML documents from databases has dominated my web evolution, the dynamic publishing of JSON and YAML documents is what drives much of my public presence during my API evolution. Github allows me to drive the publishing of this data using Github Pages, while using Git to maintain a snapshot of my data stores at any point in time.

The static nature of my data stores is efficient, in that they load fast, and leverage simple web technology (HTML, JavaScript, CSS) to accomplish its objective, whether that is delivering HTML to humans, or JSON and YAML to other systems / applications. The publish / cache nature of these representations of my data works well for my approach to storytelling. I can keep my research moving fast, keeping pace with the fast-changing landscape, or I can employ them as a snapshot that stays static forever, something I may never update.

I increasingly find people don't grasp how it is that I use Github to run my API Evangelist, and the potential of Jekyll and Github when it comes to managing data, especially when it is in the service of storytelling on the web. It's not an approach I recommend everyone put to work, but as a database person, I think everyone should have Github and Jekyll as a data store in your toolbox



from http://ift.tt/2aWzjM8

Tuesday, August 9, 2016

Ignoring Bad Behavior Then Complaining When Government Regulates

I feel the drone space is a poster child for the overall technology space for me lately. I'm heavily influenced because it is what I have been doing for the last couple months, but as I turn my head back to paying attention to mainstream tech, what I'm seeing with drones has taught me lessons that I'm finding apply very nicely to the wider technology landscape.

I read three separate articles this week where authors were outlining what is next for drones, and what is holding the industry back, and all three mentioned government regulations as being the number one thing holding drones back. Which is interesting to me because I do not feel the requirement to register my drone is holding us back. What I do feel looms over the whole space is the badly behaved drone operators out there--which naturally the coming regulations and current concerns are in response to.

When you do encounter rules about drones, or pushback from people out in the field, it is in direct response to drone operators behaving badly, yet you don't see the drone industry going out of their way to police, or reign the industry in. You do see manufacturers like DJI building in some limitations when it comes to forest fires, airports, and other no-fly zones, but you don't see the average drone blogger or drone operator telling each other to be a responsible drone operator so you don't screw this up for everyone.

I see this as an inherent flaw in how markets work. People who love markets, love to bitch about government regulation, but rarely ever work to police themselves, or regulate the bad things that regulation are often responding to. In fact, I've heard people defend bad behavior as, "it's not illegal yet", and "if I didn't do it my competitors will". Then fall in line with the other anti-regulator rhetoric when laws are put in place limiting what people can do in their industry. 

Do not get me wrong. I am not pro-regulation. I have a realistic understanding around why we need healthy regulations and enforcement to help balance market activity, but I am not pro-regulation just for the sake of more government. It would make more sense if as an industry we have more ethics, and we worked to educate and police each other, helping set a healthy tone, so the government wouldn't need to step in. Actually, as I write this, I realize how badly behaved our own government is being when it comes to drones. Uggghh!

I predict we will see this with every new area of technology out there. The overeager entrepreneur(s) go too far, can't control themselves with their greed, and do things to make money that is ultimately questionable, then they bitch and complain when the government steps into course correct the behavior. So much of what we are doing is brand new in tech, and when you bundle that with young millennials, you get a rich environment for thinking everything is new, and that we are entitled to do whatever I want--establishing a pretty dangerous cycle. 

I'm applying what I've been learning from watching the drone space, to other areas like healthcare and education data, and other important areas where I am seeing APIs being used for some pretty shady stuff. I am seeing folks make claims it is for healthcare or education when it is really about getting their hands on users data that they can sell on the open market--making for some prety troubling stuff.



from http://ift.tt/2aIKCl2

Working To Avoid The Drowning Effects Of Real Time

One thing I'm experiencing as I come out of my Drone Recovery project is the drowning effects of our real-time worlds. I am talking about the desire to stay connected in this Internet age, and subscribe to as many possible available channels (ie. Facebook, Twitter, LinkedIn, RSS, etc.), and more importantly the tuning in, and responding to these channels in real time.

You hear a lot of talk about information overload, but I don't feel the amount of information is the problem. For me, the problem comes in with the emotional investment demanded by real-time, and the ultimate toll it can take on your productivity, or just general happiness and well-being. You can see this play out in everything from expectations that you should respond to emails, all the way to social network memes getting your attention when it comes to the election, or for me personally, the concerns around security and privacy using technology.

The problem isn't the amount of information, it is the emotional toll of real-time. I can keep up with the volume of information, it's once I start paying the toll fee associated with each item, that it begins to add up. I feel the toll fee is higher in the real-time lane than when you do on your own schedule. The people who demand I respond to emails, and be first to the story have skin in the game, and will be collecting a portion of the toll fee, so it is in their best interest to push you to be real time.

Sure, there are some items that will be perishable in all of this. I am not applying this line of thinking across the board, but I am prioritizing things with this in mind. In an increasingly digital world, the demands on our time are only going to increase. To help me to keep from drowning, I'm going to get more critical about what I accept into my world in a real time way. My goal is to limit the emotional toll I pay, and maximize my ability to focus on the big picture when it comes to how technology, and specifically APIs are impacting our world.



from http://ift.tt/2aINzBS

Losing Control Over Our Digital Self When So Many Domains Take A Piece

I find myself even more aware of the demands being placed on our lives through Internet-enabled technology after spending two months in the wilderness, away from my computer and cell phone. As I fire up my tools for monitoring the API space, the assault on our digital self by the tech community streams by on the scream like a scene from the Matrix movie.

One of the tools I operate regularly is called Charles Proxy. I use it to automatically map out the APIs I am using, helping me map out the surface area of common APIs. On select days I will keep this running in the background, routing all my mobile, web, and desktop activity through the proxy. Every five minutes it dumps an XML file of my activity to my local Dropbox folder. Once files are synced to the cloud my API monitoring system grabs this history and generates OpenAPI specification for any APIs, with one by-product of all of this is I also get a record every single domain I touched over the course of the day.

I pulled a sampling of this traffic, grouped by each unique domain, and generated this tag cloud. There are 306 domains included in this sampling, with a maximum of 250 showing in the tag cloud, but the domains that float to the top, achieving a significant portion of my attention, tell an interesting story--there is a lot to consider here, but three significant stories stand out for me.

Who Gets Most My Attention On Regular Basis
This is all traffic from the websites I visit, as well as my desktop and mobile applications, so you see the core of my existence spent on my Apple devices, and that I still live in a very Googley world, while doing much of my communication via on Twitter, Slack, and Skype. I do a lot of Googling, as the majority of my days are spent researching a variety of topics, and since I opt to leave advertising unblocked, you also see the fingerprint of Double Click when it comes to ad networks also attempting to get my attention.

Percentage Of My Attention Spent Within My Domains
While Google and Apple still command a big portion my attention, it makes me happy to see both apievangelist.com and kinlane.com present in this tag cloud--showing a healthy "reclaim your domain" balance to my world. It is important to me that as much of my time as possible is spent operating within my domain. I will never be able to operate 100% on my own property, but ensuring that my domains occupy top ten slots on this map is critical to me operating a successful business, generating revenue from my hard work, and fending off all of these domains looking to own a piece of my digital self for their benefit.

Overall Volume Of Domains Vying For My Attention
This is just a sampling of the domains that are vying for my attention on a daily basis. At some point, I'll publish a more realistic daily, weekly, and monthly sampling hopefully helping paint a more complete picture. However, I feel this sampling does show the scope of assault that occurs daily on our digital self. All of these companies want a piece of my digital self, not because they care about me, or what I am doing, but because they want to generate revenue from this little piece of my digital self, and any activity that occurs.

A significant portion of what I do each day is dedicated to making sure that I clearly define who is Kin Lane, and the API Evangelist, and capture as much of exhaust generated in the form of blog posts, tweets, images, video, and other bits and bytes. This is how I define my brand, publicize my work, and retain as much control over what I do as I possibly can. Helping me better make a living from my work. The more I define and defend myself from these domains, the more I keep for myself, enabling me to maintain control over the digital version of myself.

We only have a few hundred years under our belts when it comes to defining our physical self, our rights, and the boundaries of our public personas. We only have a few years under our belts when it comes to defining our virtual self, our rights, and the boundaries of our virtual public personas. What is even scarier is that increasingly the predatory behavior of these domains in an online world is being extended into our physical worlds through home automation, connected cars and cities, drones and other ways the Internet of Things (IoT) that are penetrating our personal, professional, and industrial worlds.

As I look at the logs of these domains who are demanding a piece of my virtual self each day, I can't help but feel like the majority of us will lose control over our digital self, before we ever fully get the opportunity to fully know ourself--when so many domains take a piece of us each day.



from http://ift.tt/2aIKyBD

On Being SMART (Surveillance Marketed As Revolution Technology) And Greedy

I love Evgeny Morozov's (@evgenymorozov) tweet defining the acronym SMART as Surveillance Marketed As Revolutionary Technology. It has provided me with a wealth of material for my alternate storytelling channels, and provides an excellent litmus test to apply to companies I come across during my monitoring of the API space.

As I'm reading do smart devices mean dumb security, out of Defcon this year, I'm reminded of his funny, yet also very troubling definition of SMART. I'm coming across an increasing number of connected devices who have incomplete API programs available. Meaning APIs are present, available on the open Internet, but required documentation, support, and other essential resources are missing--which like mobile, tends to often mean security and privacy considerations are incomplete as well.

This last week I talked about how venture capital investment can provide some incentives that are at odds with healthy, stable, consistent, and secure API operations. You see this play out with mobile devices, where a platform is so focused on the mobile app so heavily, they pretend the web APIs behind are invisible, which is also a practice I am seeing rapidly evolve with the Internet of Things (IoT).

Companies are racing to connect everyday objects to the Internet because they want to convince consumers to buy a new product, that will give them access to the valuable data that will be generated (a precedent set by the mobile evolution). In the race to create this new breed of products that consumers will want, and generate this new, highly valuable data, the willingness to secure these new data streams, and protect the safety and privacy of consumers is often very low on the list of priorities. 

As stated in the BBC article out of Defcon, these devices will become a playground, of hackers, whatever their motivations might be. The average person will be unknowingly building out the Internet in this very unstable fashion, giving away their data, privacy, and of those around them. The greed behind the pushing of SMART objects into our personal and professional worlds will happily continue if they are given continued access to this extremely valuable data, and surveillance exhaust. 

I'm not convinced that corporations, institutions, the government, or individuals will all be up to the task when it comes to securing all of this tech we are inviting into our worlds, not when there are so many badly behaved, poorly incentivized players willing to build this dystopian version of the Internet out. This will not play out well...



from http://ift.tt/2aIKxhh

We Will Never Be Able To Completely Secure Our Bits And Bytes, We Will Have To Change Culture For Things To Get Better

I am doing an increased amount of monitoring of security, vulnerability, and cybersecurity reports lately. While doing this type of work, it can become easy to slip into despair, as you realize how vulnerable we are to attack, in conjunction with how badly behaved everyone is being on all sides.

As I see it, we have to work very hard to be sensible and proactive about security, and work to educate individuals, business and government leaders to be savvy when it comes to online security, and privacy--as a community we have a lot of educational and awareness work ahead of us.

Even with all of this work, I do not think we are ever going to be able to achieve 100% security over our bits and bytes. We are going to have to find a way to shift the culture of online behavior to make hacking, and the use of many of the cyber weapons we are seeing emerge, unacceptable to use. 

I am not sure what the specific actions are that might help us down this higher road--more thoughts to come on this. One thing I do know is that all of this is not sustainable, and what worries me the most is that the US seems to have set the bar for bad behavior pretty high with the activities of NSA, our law enforcement, and of the larger tech community.



from http://ift.tt/2aK2wqO

Choosing Between Medium, Blogger, Tumblr, or WordPress

There are many differences between the leading blogging platforms like Blogger, WordPress, Tumblr, and Blogger. Different types of bloggers will view these solutions in different ways, with very different reasons behind why they (we) do. 

Each of these blogging platforms has their pros and cons, and bring a variety of network effects with them. Medium has definitely been dominating the conversation lately, but Blogger and WordPress still provide very robust solutions, even after well over a decade of serving up content.

If its plugins that you are looking for...choose WordPress, and if it is the network effect you desire, consider Tumblr or Medium. Whichever one you choose, the most important thing you can do is make sure your blog is available on your own domain. Make sure you have your content within your own domain, even if you are working to leverage one of these company's platforms.

You never know when you will want to migrate your blog, or do away with the blog altogether, and when you do not have control over the domain, this is much, much harder to do.



from http://ift.tt/2aIKNgk

Ignoring Bad Behavior Then Complaining When Government Regulates

I feel the drone space is a poster child for the overall technology space for me lately. I'm heavily influenced because it is what I have been doing for the last couple months, but as I turn my head back to paying attention to mainstream tech, what I'm seeing with drones has taught me lessons that I'm finding apply very nicely to the wider technology landscape.

I read three separate articles this week where authors were outlining what is next for drones, and what is holding the industry back, and all three mentioned government regulations as being the number one thing holding drones back. Which is interesting to me because I do not feel the requirement to register my drone is holding us back. What I do feel looms over the whole space is the badly behaved drone operators out there--which naturally the coming regulations and current concerns are in response to.

When you do encounter rules about drones, or pushback from people out in the field, it is in direct response to drone operators behaving badly, yet you don't see the drone industry going out of their way to police, or reign the industry in. You do see manufacturers like DJI building in some limitations when it comes to forest fires, airports, and other no-fly zones, but you don't see the average drone blogger or drone operator telling each other to be a responsible drone operator so you don't screw this up for everyone.

I see this as an inherent flaw in how markets work. People who love markets, love to bitch about government regulation, but rarely ever work to police themselves, or regulate the bad things that regulation are often responding to. In fact, I've heard people defend bad behavior as, "it's not illegal yet", and "if I didn't do it my competitors will". Then fall in line with the other anti-regulator rhetoric when laws are put in place limiting what people can do in their industry. 

Do not get me wrong. I am not pro-regulation. I have a realistic understanding around why we need healthy regulations and enforcement to help balance market activity, but I am not pro-regulation just for the sake of more government. It would make more sense if as an industry we have more ethics, and we worked to educate and police each other, helping set a healthy tone, so the government wouldn't need to step in. Actually, as I write this, I realize how badly behaved our own government is being when it comes to drones. Uggghh!

I predict we will see this with every new area of technology out there. The overeager entrepreneur(s) go too far, can't control themselves with their greed, and do things to make money that is ultimately questionable, then they bitch and complain when the government steps into course correct the behavior. So much of what we are doing is brand new in tech, and when you bundle that with young millennials, you get a rich environment for thinking everything is new, and that we are entitled to do whatever I want--establishing a pretty dangerous cycle. 

I'm applying what I've been learning from watching the drone space, to other areas like healthcare and education data, and other important areas where I am seeing APIs being used for some pretty shady stuff. I am seeing folks make claims it is for healthcare or education when it is really about getting their hands on users data that they can sell on the open market--making for some prety troubling stuff.



from http://ift.tt/2aJP5a9

Monday, August 8, 2016

Losing Control Over Our Digital Self When So Many Domains Take A Piece

I find myself even more aware of the demands being placed on our lives through Internet-enabled technology after spending two months in the wilderness, away from my computer and cell phone. As I fire up my tools for monitoring the API space, the assault on our digital self by the tech community streams by on the scream like a scene from the Matrix movie.

One of the tools I operate regularly is called Charles Proxy. I use it to automatically map out the APIs I am using, helping me map out the surface area of common APIs. On select days I will keep this running in the background, routing all my mobile, web, and desktop activity through the proxy. Every five minutes it dumps an XML file of my activity to my local Dropbox folder. Once files are synced to the cloud my API monitoring system grabs this history and generates OpenAPI specification for any APIs, with one by-product of all of this is I also get a record every single domain I touched over the course of the day.

I pulled a sampling of this traffic, grouped by each unique domain, and generated this tag cloud. There are 306 domains included in this sampling, with a maximum of 250 showing in the tag cloud, but the domains that float to the top, achieving a significant portion of my attention, tell an interesting story--there is a lot to consider here, but three significant stories stand out for me.

Who Gets Most My Attention On Regular Basis
This is all traffic from the websites I visit, as well as my desktop and mobile applications, so you see the core of my existence spent on my Apple devices, and that I still live in a very Googley world, while doing much of my communication via on Twitter, Slack, and Skype. I do a lot of Googling, as the majority of my days are spent researching a variety of topics, and since I opt to leave advertising unblocked, you also see the fingerprint of Double Click when it comes to ad networks also attempting to get my attention.

Percentage Of My Attention Spent Within My Domains
While Google and Apple still command a big portion my attention, it makes me happy to see both apievangelist.com and kinlane.com present in this tag cloud--showing a healthy "reclaim your domain" balance to my world. It is important to me that as much of my time as possible is spent operating within my domain. I will never be able to operate 100% on my own property, but ensuring that my domains occupy top ten slots on this map is critical to me operating a successful business, generating revenue from my hard work, and fending off all of these domains looking to own a piece of my digital self for their benefit.

Overall Volume Of Domains Vying For My Attention
This is just a sampling of the domains that are vying for my attention on a daily basis. At some point, I'll publish a more realistic daily, weekly, and monthly sampling hopefully helping paint a more complete picture. However, I feel this sampling does show the scope of assault that occurs daily on our digital self. All of these companies want a piece of my digital self, not because they care about me, or what I am doing, but because they want to generate revenue from this little piece of my digital self, and any activity that occurs.

A significant portion of what I do each day is dedicated to making sure that I clearly define who is Kin Lane, and the API Evangelist, and capture as much of exhaust generated in the form of blog posts, tweets, images, video, and other bits and bytes. This is how I define my brand, publicize my work, and retain as much control over what I do as I possibly can. Helping me better make a living from my work. The more I define and defend myself from these domains, the more I keep for myself, enabling me to maintain control over the digital version of myself.

We only have a few hundred years under our belts when it comes to defining our physical self, our rights, and the boundaries of our public personas. We only have a few years under our belts when it comes to defining our virtual self, our rights, and the boundaries of our virtual public personas. What is even scarier is that increasingly the predatory behavior of these domains in an online world is being extended into our physical worlds through home automation, connected cars and cities, drones and other ways the Internet of Things (IoT) that are penetrating our personal, professional, and industrial worlds.

As I look at the logs of these domains who are demanding a piece of my virtual self each day, I can't help but feel like the majority of us will lose control over our digital selves, before we ever fully get the opportunity to fully know ourselves--when so many domains take a piece of us each day.



from http://ift.tt/2aHDE2P

Working To Avoid The Drowning Effects Of Real Time

One thing I'm experiencing as I come out of my Drone Recovery project is the drowning effects of our real-time worlds. I am talking about the desire to stay connected in this Internet age, and subscribe to as many possible available channels (ie. Facebook, Twitter, LinkedIn, RSS, etc.), and more importantly the tuning in, and responding to these channels in real time.

You hear a lot of talk about information overload, but I don't feel the amount of information is the problem. For me, the problem comes in with the emotional investment demanded by real-time, and the ultimate toll it can take on your productivity, or just general happiness and well-being. You can see this play out in everything from expectations that you should respond to emails, all the way to social network memes getting your attention when it comes to the election, or for me personally, the concerns around security and privacy using technology.

The problem isn't the amount of information, it is the emotional toll of real-time. I can keep up with the volume of information, it's once I start paying the toll fee associated with each item, that it begins to add up. I feel the toll fee is higher in the real-time lane than when you do on your own schedule. The people who demand I respond to emails, and be first to the story have skin in the game, and will be collecting a portion of the toll fee, so it is in their best interest to push you to be real time.

Sure, there are some items that will be perishable in all of this. I am not applying this line of thinking across the board, but I am prioritizing things with this in mind. In an increasingly digital world, the demands on our time are only going to increase. To help me to keep from drowning, I'm going to get more critical about what I accept into my world in a real time way. My goal is to limit the emotional toll I pay, and maximize my ability to focus on the big picture when it comes to how technology, and specifically APIs are impacting our world.



from http://ift.tt/2b8nv9q

Saturday, August 6, 2016

On Being SMART (Surveillance Marketed As Revolution Technology) And Greedy

I love Evgeny Morozov's (@evgenymorozov) tweet defining the acronym SMART as Surveillance Marketed As Revolutionary Technology. It has provided me with a wealth of material for my alternate storytelling channels, and provides an excellent litmus test to apply to companies I come across in my monitoring of the API space.

As I'm reading do smart devices mean dumb security, out of Defcon this year, I'm reminded of his funny, yet also very troubling definition of SMART. I'm coming across an increasing number of connected devices who have incomplete API programs available. Meaning APIs are present, available on the open Internet, but required documentation, support, and other essential resources are missing--which like mobile, tends to often mean security and privacy considerations are incomplete as well.

This last week I talked about how venture capital investment can provide some incentives that are at odds with healthy, stable, consistent, and secure API operations. You see this play out with mobile devices, where a platform is so focused on the mobile app so heavily, they pretend the web APIs behind are invisible, which is also a practice I am seeing rapidly evolve with the Internet of Things (IoT).

Companies are racing to connect everyday objects to the Internet because they want to convince consumers to buy a new product, that will give them access to the valuable data that will be generated (a precedent set by mobile evolution). In the race to create this new breed of products that consumers will want, and generate this new, highly valuable data, the willingness to secure these new data streams, and protect the safety and privacy of consumers is often very low on the list of priorities. 

As stated in the BBC article out of Defcon, these devices will become a playground, of hackers, whatever their motivations might be. The average person will be unknowingly building out the Internet in this very unstable fashion, giving away their data, privacy, and those around them. The greed behind the pushing of SMART objects into our personal and professional worlds will happily continue if they are given continued access to this extremely valuable data, and surveillance exhaust. 

I'm just not convinced that corporations, institutions, the government, or individuals will all be up to the task when it comes to securing all of this tech we are inviting into our worlds, not when there are so many badly behaved, poorly incentivized players willing to build this dystopian version of the Internet out. This won't play out well...



from http://ift.tt/2b4bYER

Wednesday, August 3, 2016

Choosing Between Medium, Blogger, Tumblr, or WordPress

There are many differences between the leading blogging platforms like Blogger, WordPress, Tumblr, and Blogger. Different types of bloggers will view these solutions in different ways, with very different reasons behind why they (we) do. 

Each of these blogging platforms has their pros and cons, and bring a variety of network effects with them. Medium has definitely been dominating the conversation lately, but Blogger and WordPress still provide very robust solutions, even after well over a decade of serving up content.

If its plugins that you are looking for...choose WordPress, and if it is the network effect you desire, consider Tumblr or Medium. Whichever one you choose, the most important thing you can do is make sure your blog is available on your own domain. Make sure you have your content within your own domain, even if you are working to leverage one of these company's platforms.

You never know when you will want to migrate your blog, or do away with the blog altogether, and when you do not have control over the domain, this is much, much harder to do.



from http://ift.tt/2aOd354

We Will Never Be Able To Completely Secure Our Bits And Bytes, We Will Have To Change Culture For Things To Get Better

I am doing a lot of monitoring of security, vulnerability, and cybersecurity reports lately. While doing this it can become easy to slip into despair when you are immersed in this world as you realize how vulnerable we are to attack, and how badly behaved everyone is.

As I see it, we have to work very hard to be sensible and proactive about security, and work to educate individuals, business and government leaders to be savvy when it comes to online security, and privacy--as a community we have a lot of educational and awareness work ahead of us.

Even with all of this, I do not think we are ever going to be able to achieve 100% security over our bits and bytes, and we are going to have to find a way to shift the culture of online behavior to make hacking and the use of many of the cyber weapons we are seeing emerge unacceptable to use. 

I am not sure what the specific actions might help us down the higher road--more thoughts to come. I do know though that all of this is not sustainable, and what worries the most is that the US seems to have set the bar for bad behavior pretty high with the activities of NSA, our law enforcement, and the larger tech community.



from http://ift.tt/2auNHVI

Tuesday, August 2, 2016

Disruption Is Rarely About Building A Better Product, Improving An Industry, Or Helping Consumers

I often fall for the Kool-Aid flavor of the day, out of tech community. I'll be sipping it regularly, thinking I'm immune to its effects, until one day I'm like, "that is some damn good cool raspberry flavor!". Even though I know better, I still get duped by the magic of it all sometimes.

When I read the regular flow of marketing coming out of startups, it can be easy to fall prey to the belief that startups are truly building a better mousetrap, changing how business is done, and redefining an entire industry. We all love a great American dream story! When in reality, 95% of the time this is the marketing kool-aid of the day, and when startups wield the term "disruption" or "revolution", it does not mean what they often say in their marketing.

Despite popular claims, startups are less interested in building a better product, running a better business, helping consumers, and redefining the way things occur in an industry, then they are attracting the interest of a buyer. Often times this is the 1000 lb gorilla in the space, and what better mating dance than the disruption and revolution chest thump.

Disruption isn't a threat, it is a mating call. If you don't buy me, we will take your customers, and make you look old and outdated. We are young, new and shiny and people like us better. If you buy us, then people will be forced to love you, and all will be OK.

It helps to step away from the regular flow of storytelling in the space, allowing me to see what much of the information is really about, and who the coded marketing speak is really crafted for--not us (well unless you are looking to buy? Are you?).



from http://ift.tt/2agIm92

Surveillance Will Continue To Be Disguised As Entertainment And Convenience

Two things Americans are suckers for are entertainment and convenience. We will give up almost anything if it makes our life easier, and keeps us entertained--no matter how simple that is. We love our movies, tv shows, and games, and we love everything to come to us from our shopping to our food, and our transportation. 

This is where technology will continue to be employed in the name of surveillance--whether its corporate level surveillance or in the government sphere. This is where we will willfully accept surveillance into our lives, and allow for ourselves to be digitally pwned, allowing for us bit by bit to also be physically pwned--perpetually keeping us down.

Whenever possible let's pause the game, and think twice about signing up for that new delivery service, and consider what we are giving up in exchange for this entertainment and convenience. Are the tradeoffs worth it? Are we being distracted while our information is between taken, or the technology in our lives being compromised?

Let's not let a surveillance state creep in around us just because we couldn't go without for just a little while.



from http://ift.tt/2ayW1os

Learning To Write Again

It's been almost three months since I've written anything on API Evangelist, and sitting down to form my thoughts into some sort of coherent blog post is proving to be more challenging than I imagined. I now realize how much of my storytelling has been driven by the momentum I have built up in six years of writing about APIs. 

There is no shortage of topics to write about. I have a pretty lengthy list, but actually bringing them to life is proving to be much more work than I remember it being. Each sentence takes me minutes instead of seconds, and my thoughts have to be pulled, rather than the usual flood of often overwhelming flow about the world of APIs. 

Normally the spark plug that connects my brain with my fingers is firing almost non-stop, but after weeks of being idle, it is taking some time before the spark fires as reliably as before. Maybe there is some gunk on the plug, or I need to gap the plug like I used to with my 1972 Volkswagen van--where is a grateful dead ticket when you need it?

Well, at least I am up and running...maybe this will get all cylinders firing again. I miss writing. I find the regular flow of ideas into my notebook, and then across my blog and research sites very rewarding. If nothing else, this summer has re-enforced in me how important writing is to my overall well-being and life balance.



from http://ift.tt/2ayVAuF

Tuesday, July 5, 2016

I Feel Like The Savage In Brave New World -- I Just Want To Read Shakespeare

I feel like "the savage" in Aldous Huxley's A Brave New World as I begin to get back to my Twitter stream and RSS feeds — I just want to read Shakespeare. I'm eight weeks into Drone Recovery, I just finished re-reading A Brave new World, and I am finding it very difficult to be interested in much that is the "tech space" flowing through the monitoring tool(s) I have historically used to keep track on the sector.

There are bits and bytes that still grab my attention, but overall I'm questioning why I ever was interested in things like bots, wearables, and many things IoT. As I step back and ponder all of this, I feel like there is a relentless assault of information and technology upon us daily, which keeps us in a state where it is difficult to ever process anything meaningful, and we are ultimately  forced accept what is next—even if it isn't real or what we actually want.

The tech space is always looking for what's next, and we like to tell ourselves that all of it is inevitable, it is what we need, and it is what the tech wants. Rarely do we stop and ask questions about whether we truly need this, or should we be doing this, amidst the constant barrage of information, and social pressure from people around us--which all works to keeps us perpetually off balance. I am not saying any of these things aren't real, just with all the momentum and social pressures, we are too weak to ever process anything deeply.

The most intense part of this summer drone journey is over, and I am spending a little more time getting back into my feeds and social streams. Not too much, just little bit as I have time in between trips. I'd say 50% of what flowed through my monitoring dashboard interested me before this journey began, and now I'd put that at about 5%. I am hoping to better understand how I can evolve this perspective, and develop some sort of shield (Captain Fucking America) which I can use in defense of the relentless assault that is the tech space. 

I am hoping with a little more defensive capabilities I will be able to see the space in a new light, possess a more critical eye, and see through what is keeping us down, and find the meaningful and important uses of technology that can actually help the world be the place where I want to live.



from http://ift.tt/29kHxKy

Monday, May 23, 2016

More Investment Is Needed Requiring Some Big Changes

My partner in crime Audrey and I have been struggling her son's depression, and pharmaceutical pill addiction for a couple years now. This is not the type of thing you plan for, and when it happens, your response involves keeping it as quiet as possible when it comes to friends, family, and the public. Nobody wants to be that family, but when you suddenly find out that you are, you find there is no magic fix, you have to work hard to find a solution that works for your situation.

Over the last couple of years, we have moved him from Oregon to Wyoming, back to a different part of Oregon, and then ultimately to California where we live. Last summer we put him into rehab in California, where he soon graduated to a sober living facility. He seemed to be doing well, but then last week he showed up at home, as he had been kicked out of the program. Shortly after settling in he also admitted he was using again, and we all found ourselves back at square one.

What do you do? Can't we afford rehab again? Can't we afford to move him again? And personally, I can't have a junkie living in my house, because I used to be one myself. I was definitely a different breed of junkie then what I am seeing today, but in the years between 1993 and 1997, I was heavily using Heroin, Cocaine, LSD, Ketamine, Mescaline, and most other things I could get my hands on, except I hated speed, and ironically pharmaceuticals. I've been clean for 20 years, there was no way in hell, I was going to live with a junkie.

With no options left, I set out to do for him what I did for myself 20 years ago. We rented a car, loaded up what we needed and headed into the mountains to get him as far away as we could from any pharmaceutical drugs. We live in Los Angeles so we headed into the Sierra Nevada mountains, where we found ourselves in Yosemite, and eventually Nevada. As he detoxed, I set out planning the next six months of recovery for him, using some of the same techniques I applied in my own world, but with more of a 2016 spin.

It is clear we need to make more of an investment in him if we are going to actually get the results we are looking for, and big changes will be necessary. I will be stepping away from my work completely for at least the next six months, probably upwards of a year. It isn't something we can afford, but it is also something we can't afford not to do. I understand that this will have a big impact my business partners, and my clients, but this is the priority.

I will spend the next six month hiking around the west coast, which I know well, some of the same trails I used to find my own sanity 20 years ago. We will be clearing trails, and documenting what we do, and what we see via GoPro, Phantom Drones, and our journals. You can find our story at dronerecovery.org, where my partner in crime, and his mother, will be publishing photos, videos, and stories from our journey.

There will be no rest for the wicked as they say. I will keep us moving every day with a new place to go, a new challenge, and plenty of work along the way to keep both of us occupied. Until some day, he is strong enough, confident enough, and healthy enough to do it all on his own.



from http://ift.tt/1NHx4Jx