Open Letter to Chris Cox and Facebook

2015-02-14_13-58-05It was nice of Chris Cox to post an explanation of Facebook’s name policy and apologize to “the affected community of drag queens, drag kings, transgender, and extensive community of our friends, neighbors, and members of the LGBT community for the hardship that we’ve put you through in dealing with your Facebook accounts over the past few weeks.”

Except that the post doesn’t honestly explain Facebook’s name policy.  The real purpose of the policy is to force you to use a name on Facebook that can be matched to the name you use to make transactions – such as the one on your credit card – so they can correlate the ads you’ve been shown to purchases you make in the real world and charge the advertiser more money.  This is why in the old wording of the policy they asked for the same documents they match against – driver license, credit card, etc.

[Read more…]

Bacon, eggs and pie: the problem with #VRM

The VRM email list is once again suffering a bout of name angst.  There are many identity geeks on the list and an existential question of the extent to which identity flows from the name and vice versa so it’s always an interesting discussion, regardless of whether headway is made.  I’m of the opinion that the name tends to define the thing and that this is in fact part of the problem with VRM up to now.  It has become defined, to the point of being confined, by it’s own name.

[Read more…]

Shedding the light on the “going dark” problem

My theory about the “going dark” problem is the opposite of the official government explanation. They claim that they need to be able to read the communications of bad actors. (“Bad actors” in the security sense here, not the Hollywood sense.) But the back doors they’ve engineered have more to do with weakening the keys than with breaking the algorithms.  Mitigations are simple: introduce additional entropy while generating the key, use uncommonly long keys, use protocols with Perfect Forward Secrecy.  Anyone serious about preventing eavesdropping can reasonably expect to do so with a bit of work.

If that’s true, then what’s the big deal about lots of ordinary people who are *not* surveillance targets also using encryption?

[Read more…]

Do We Need an Alternative to HTTPS and TLS?

“Do We Need an Alternative to HTTPS and TLS?”  This question came up in the Personal Clouds list recently.  Thanks to the well publicized problems with Certificate Authorities, variations on this question are a common theme among many of the communities in which I participate.  The CA has become the whipping boy for all the ills of authentication and network security.  Let’s just get rid of it, right?  It’s not that simple.

[Read more…]

Why leave IBM?

Since announcing my departure from IBM, there have been many questions about the move:

“What happened?”
“Why are you leaving?”
“Is there a non-compete that keeps you from coming back and working for us?”

I want to put any speculation to rest and explain all this in one place so I can just send a link.  It’ll be easier for all concerned.  Let me take these in order.


What happened?

Nothing “happened”  in the sense of a precipitating event or ill will on anyone’s part.  Sorry but there is just no dirt to dish here.  If you want drama, go read The Odd is Silent and search for “Nosy Store Clerks.”


Why are you leaving?

Best explanation I’ve written is posted on Facebook:

IBM’s expectations of me in PLM were preventing me from spending as much time as I’d like in the WMQ community. As a PLM you are doing all sorts of behind-the-scenes work that takes time from public-facing activities and are often working on things that are unannounced and confidential and you can’t talk about at all. So it was actually difficult to do that and contribute externally. My intention is to work more in the community and be a bigger asset to WebSphere Messaging externally than I was internally.

Fact is I’m pretty good as a consultant and fairly suck as a product manager. It seemed like a good idea at the time, didn’t work out and neither I nor IBM have hard feelings about it. In fact, I’m cleared to work through ISSW so can continue to serve the same customers even as I’m out meeting new ones. It can only get better for me, for IBM and for the WMQ community out there with this move.

If you’ve worked with me as a consultant, you know when it comes to deep technical topics I’m in my element.  Give me a set of requirements to design from, or a misbehaving system to troubleshoot, or a security perimeter to penetrate, and stand back.  But whether it’s my Asperger’s, my temperament, or a deficiency in “soft skills,” or some combination of all these, I wasn’t nearly as effective as in product management as I am in a technical or teaching role.  Not that I was bad at it, but I can’t stand to toil away being merely good at one job knowing there’s another where I excel.


Can you work for us?

Yes!  I’m available as an independent or if you have a preferred vendor list, I have agreements with several established services firms, one of which is bound to be on your list.  As alluded to in the last section, IBM Software Services is one of the firms I’m able to sub-contract through.  In the few cases where there’s a non-compete issue, all I need to do is refer you to the IBM Software Services Practice Manager.


Bonus question: So why not go back to ISSW?

I’m extremely interested in Internet of Things, Personal Clouds, Vendor Relationship Management and Identity Management.  IBM doesn’t cover all these spaces and where they do they tend to specialize.    I’m a “deep generalist”.  I want to do all of these at once.  And, of those they do cover, IBM tends to work in the Enterprise space whereas some of the things that most entice me are happening in startups.

So who is my target market?  Anyone from my regular large enterprise customers all the way to the small startups at the other end of the spectrum.  And if you are located in one of the two states I have yet to visit (Alaska and Hawaii) I’ll figure out an incentive for you.