brentashley

it’s amazing how small the world is getting. i write this library of javascript code, decide to release it, and within a month or two i’m getting mail from users all over the world who have seen it and found it of use to them. just this past week I have had mail from israel and pakistan - both places i’ll probably never get the chance to visit. remarkable.

when Microsoft announced their HailStorm initiative last week, it didn’t quite sit right with me. of course, you will know how it irked me from the world domination perspective. you will know how it enlightened me from a Bill/Borg perspective. but there’s been some other intangible just exceeding my grasp…

it came to me as i read Kara Swisher’s article from the Wall Street Journal. it’s this name, HailStorm. Kara says:

The first question that arises about Microsoft ’s newest Web initiative is this: What’s with the malevolent code name HailStorm? It conjures images of concussions from baseball-size hailstones. After years of trying to prove it isn’t a bully, couldn’t the company have chosen something a bit gentler, like SoftSpringRain?

exactly. Microsoft is one of the slickest marketing machines on the planet. what would possess them to present such a harsh face?
sure, use HailStorm as an internal rallying cry while in development, but for goodness sake rename the thing to something more palatable for release. it doesn’t make sense. these guys don’t make public relations moves without putting a whole lotta thought into it. oddly though, somehow this seems familiar…

well, i’ll tellya what it is. it reminds me of a government who has a hold of a huge majority. the voting public has saddled themselves with them for the foreseeable future. now is the time to make big waves. announce loudly that there will be a new sweeping program introduced next year. toll roads, hospital user fees, fingerprint identification for social programs, or some other such entirely unpalatable dross.

then they sit back and wait for the wailing and gnashing of teeth. the opposition is outraged, the pundits pontificate, the spin-doctors spin. committees are convened, polls taken. the policies are adjusted by the exact amount necessary to assuage the naysayers, no more, no less.

a year later, the policy is implemented, much prettier than its original incarnation. the opposition and the press have saved us from the bullies. the govt gets to boast about its collaboration, openness, yadda yadda. most of us know that what they got is likely exactly what they planned all along, but they get to pull their image out of the dumpster just in time for the next election campaign to start.

same thing happens with management and labour unions. both sides start off with ridiculously polarized demands, never expecting to get a settlement on their original terms. finally they meet in the middle, on terms not far from their real original plans.

mind you, if one side started off on a ridiculously advantageous position and there were no voices to counter it and play the game, the other side would get stuck with the short straw, big-time.

so i guess i’m saying someone’s gotta keep ‘em guessing. sure, it’s all a poker game, but we don’t have a chance to redistribute the chips without engaging in the game, calling their bluffs, making some of our own.

i think the blogging community, with its ability to cast multiple radial threads of relevant commentary and rational discussion while also providing coherence by making reticular links to keep the multiplicity of threads unified, can help to provide the critical mass of organized (or at least catalogued) public opinion necessary to get a seat at this game.

an odd part of being canadian is that often we define our national identity by its not-being-american-ness. i guess the folks in new zealand have a similarly defined-by-proximity gestalt.

i remember a scene from a ww2 movie, maybe with David Niven, where a british soldier trying to escape the germans is boarding a train. the guy checking his papers hasn’t a clue, since his german, learned from his parents, is impeccable and deceptively local. however, when he’s done, the german sends him off with a “thank you”, to which the britsh guy instinctively replies “you’re welcome” microseconds before his world comes crashing in.

i also remember that when for a short time i thought i might learn to speak nederlands (dutch), i was told that during the war the officials used to have you say the name of the dutch town Scheveningen, since your pronunciation of the “sch” could determine your dutch/deutsch-ness.

well, the closeness of canadian and american speech is pretty hard to define. that’s why many famous actors and news anchors are canadian and most folks wouldn’t know it. even the vernacular is indistinguishable in many cases.

so here’s your border-check. ask them what grade they were in when they were ten years old. instinctively, the canadians will give you a numeral (grade 4), and the americans will give you an ordinal (4th grade). it’s fascinating to watch. it’s even more telling in print, where canadian press style is to put it in roman numerals (grade IV).

you thought this was leading somewhere but it’s not.

i’ve had a lotta hits since Dave blogged me the other day on the HailStorm rant. around the end of that blurb, i ruminated aloud that maybe someone in a position to do something about it already had, maybe not. my assumption was that surely i’m not prescient - this sort of policybuilding had to be underway, and that by musing openly about its possible existence i would attract at least one person to enlighten me.

i take it no news is bad news.

fellow canuck alanis morissette said it ever so well: isn’t it ironic?

so here’s the lowdown. i blog this rant about HailStorm, Passport, and targeted marketing, see. the most illustrious and worthy Dave links to me. i’ve got an img ref to my own site in my footer here, so I get log hits. of course, when Dave links to ya, hits abound.

so i’m looking through these hits and whaddo i see but a visit from this one particular domain with a neato odd name based on a pretty obscure word. it so happens that this obscure word popped into a conversation on tuesday, so i had visited this very site. i take a look at it again just for interest and i see it’s home to a couple of developers, one who seems to be expert at cross-browser DHTML.

hey, says i, this guy would probably be interested in having a look at my open-source javascript library for cross-browser remote scripting. so i sends him this email, all pleasant-like, inviting him to have a boo at my doins.

then it hits me, like a tunna brix. i’ve just mined my own logs, correlated a hit to a user’s personal tastes, and sent him a targeted advertisement.

talk about ironic. i’ve been assimilated and i didn’t even know it.

<keanu>Whoa!</keanu>

this Hailstorm thing from Microsoft has some serious, rather fecal implications to my mind. let’s forget the actual Hailstorm thing itself. it’s SOAP and XML and all that - cool, open, you name it. from a technology standpoint i like it, sure.

the real whack in the head i get from this is the huge potential for world domination that MS is planning to realize in the implementation whereby everything ties to Passport. i can’t possibly articulate its scope here - start at Dave Winer’s scripting.com and read up on the current rumblings yourself.

i guess the real thing for me is this: i have long been the guy who preaches rational discussion over chicken-little knee-jerk anti-”Micro$oft” slashdot reactionism. i refuse to personify Microsoft as Bill Gates, or the Ontario government as Mike Harris, or all of Toronto’s problems as Mayor Mel’s personal failings (lord knows he has enough of his own) as so many others do. I don’t think MS is evil. I think their technology is generally pretty fab or at least not often any worse than others. I run Win2000 on my laptop using hibernate mode a couple of times a day to bring it back up on three different networks and I haven’t had to reboot in two months despite using it as a development machine. unstable, my ass. conversely, I have to reboot my Linux box twice a day because I haven’t yet figured out how to fix this problem where it loses its IP routing table - not that it’s unstable, but that I don’t care enough to find out how to do it without rebooting. I believe generally that there are more known security holes in MS products because there are more twits hellbent on finding them than with other products.

my answer to the Bill is Evil camp is that in the scheme of things, he’s as close to a benevolent dictator as we might have had. stay with me here a second. let’s agree for argument’s sake that given the nature of capitalism, technology and human frailty, if it weren’t Bill at the helm, another company and headstrong personality would have risen to a similar position. choose from this list of candidates who you would rather it be (i intentionally left out folks like Linus Torvalds and Larry Wall who, while worthy personalities, aren’t tied to corporate entities and therefore would not have found themselves in this postion)

• Larry Ellison
• Scott McNealy
• Steve Jobs
• Gary Kildall
• Michael Cowpland
• Ted Turner
• …?

…exactly. with egomaniacal fatheads like Ellison on the short list, Bill ain’t so damn scary. well, the point is, until now. until now, Bill, to me, has been a nerd truly in love with technology at the head of a burgeoning organization becoming more conglomerate every day. this HailStorm stuff and its implications finally draws me into the camp of starting to believe that he and his company have become one and that it is the Borg.

i’m gonna hafta watch this issue closely.

… 4pm

So what exactly is it that I think about HailStorm, you ask? (or at least, the Daves among you ask, ever the manilamentor, pressing me to be more expressive)

Let’s see some stuff Bill Gates says about it. I’ll try to provide context - I hate people who knock down arguments outside of context.

From Bill’s HailStorm introduction speech, where he is talking about how all these zillions of little services are available to you from wherever you might be and how you need a way to have your credentials, preferences, all sorts of schema follow you about.

Now, how do you get at HailStorm? You get at HailStorm by providing your credentials. Our service for authenticating credentials is called Microsoft Passport. You provide the passport, and then your schema is available to you.

Take a look at that:

…your schema is available to you.

Your schema, stored on Microsoft’s system, is made available to you for each Hailstorm service you consume.

Let’s not be naive here, there’s a corollary to this:

Microsoft’s system is made aware of each Hailstorm service you consume and can correlate it to your schema.

These services and transactions are getting extremely granular. You do some shopping around a few different sites for travel and car rental, there might be a separate Hailstorm service called and “credentialled” against your passport for each flight availability query, each booking, each access to add these to your schedule, each financial transaction, blah blah yadda yadda; technically, one hit for each SOAP remote procedure call.

And you thought doubleclick knew some serious shit about you. Passport’s current capabilities pale by comparison.

A perfect flesh-world analogy is the biggest and most unwittingly fallen-for privacy inveigling scheme on the planet - AirMiles. The more vendors that offer it, the more people use it, the more the AirMiles folks know about you, your spending habits, the minutiae of your grocery bill, ad infinitum. Then they take this information and not only aggregate it, but generate targeted mailing lists for their true customers, the corporate demographic-seekers.

Of course, I can control it. I tell the cashier at A&P that I don’t have a card even though I do. Fat lot of good it does, because my spouse may or may not present it everywhere outside of my control.

The kicker though, is that on the premise that it’s for your security, Microsoft and the vendors can and will require a Passport hit for each of these Hailstorm transactions. All of these hits will become fodder for the great demographic data mine that is the heart of Passport, available to the holder of the keys to the Passport vault to be correlated directly to your personal details.

Imagine if your bank, who has an intimate record of your entire financial transaction history, decided to sell this information to marketing houses. Holy sheeeeit, what a frickin ruckus would ensue. Bank privacy has years of history that ain’t getting swept away any time soon.

But we’re in a new era here. Online transactions change the way things are done. Those who have the power and presence to get in now can set precedence while there’s still a void of public perception, understanding, policy, privacy law, all that.

I think there needs to be someone who sees this big picture and is in a position to start building public policy. Maybe there is already, maybe there isn’t.

So you have the idea. I’m tired of typing.

… 10:30pm

it’s all about what you’re trying to solve. the inability of most current browsers to do SOAP or XML-RPC outta the box will be solved by the arrival of the next generation of browsers. any attempts to get it happening before that will result in two things:

1. a temporary bridge to the future
2. a permanent bridge to the past

i have to agree with the webstandards folks that we’ve gotta stop pandering to those who refuse to get with the program.

the upshot of this is that i’m not going to pursue hacky, kludged SOAP and XML-RPC colostomy bag add-ons. for now i’ll use my trusted sherpa guide remote scripting to keep the UI smooth, and do the real acrobatics on the server side where I can already use XML-based RPC in all its splendour

i’m investigating the possibility of writing a SOAP or XML-RPC client in javascript, to use the JSRS transfer mechanism. complexities abound:

1. javascript cross-frame scripting limitations would mean that i’d have to broker any transactions to foreign servers through the server

2. the XML parsing would be a real beast to implement completely in javascript on the client side since i would want to get this to work across various browsers

3. the asynchronous nature of JSRS would not fit well

a thought i have had re the first point leads me towards just having jsrs act as a broker to a SOAP or XML-RPC proxy running on the server.

the asynch problem remains, but that’s worth pursuing for now. yeah, that’s it. sure. i’m glad we had this chat.