« choosing your battles
like ray-ee-ain on your wedding day »
h1

hail hail the gang’s all here

March 22nd, 2001

<keanu>Whoa!</keanu>

this Hailstorm thing from Microsoft has some serious, rather fecal implications to my mind. let’s forget the actual Hailstorm thing itself. it’s SOAP and XML and all that – cool, open, you name it. from a technology standpoint i like it, sure.

the real whack in the head i get from this is the huge potential for world domination that MS is planning to realize in the implementation whereby everything ties to Passport. i can’t possibly articulate its scope here – start at Dave Winer’s scripting.com and read up on the current rumblings yourself.

i guess the real thing for me is this: i have long been the guy who preaches rational discussion over chicken-little knee-jerk anti-“Micro$oft” slashdot reactionism. i refuse to personify Microsoft as Bill Gates, or the Ontario government as Mike Harris, or all of Toronto’s problems as Mayor Mel’s personal failings (lord knows he has enough of his own) as so many others do. I don’t think MS is evil. I think their technology is generally pretty fab or at least not often any worse than others. I run Win2000 on my laptop using hibernate mode a couple of times a day to bring it back up on three different networks and I haven’t had to reboot in two months despite using it as a development machine. unstable, my ass. conversely, I have to reboot my Linux box twice a day because I haven’t yet figured out how to fix this problem where it loses its IP routing table – not that it’s unstable, but that I don’t care enough to find out how to do it without rebooting. I believe generally that there are more known security holes in MS products because there are more twits hellbent on finding them than with other products.

my answer to the Bill is Evil camp is that in the scheme of things, he’s as close to a benevolent dictator as we might have had. stay with me here a second. let’s agree for argument’s sake that given the nature of capitalism, technology and human frailty, if it weren’t Bill at the helm, another company and headstrong personality would have risen to a similar position. choose from this list of candidates who you would rather it be (i intentionally left out folks like Linus Torvalds and Larry Wall who, while worthy personalities, aren’t tied to corporate entities and therefore would not have found themselves in this postion)

  • Larry Ellison
  • Scott McNealy
  • Steve Jobs
  • Gary Kildall
  • Michael Cowpland
  • Ted Turner
  • …?

…exactly. with egomaniacal fatheads like Ellison on the short list, Bill ain’t so damn scary. well, the point is, until now. until now, Bill, to me, has been a nerd truly in love with technology at the head of a burgeoning organization becoming more conglomerate every day. this HailStorm stuff and its implications finally draws me into the camp of starting to believe that he and his company have become one and that it is the Borg.

i’m gonna hafta watch this issue closely.

… 4pm

 

So what exactly is it that I think about HailStorm, you ask? (or at least, the Daves among you ask, ever the manilamentor, pressing me to be more expressive)

Let’s see some stuff Bill Gates says about it. I’ll try to provide context – I hate people who knock down arguments outside of context.

From Bill’s HailStorm introduction speech, where he is talking about how all these zillions of little services are available to you from wherever you might be and how you need a way to have your credentials, preferences, all sorts of schema follow you about.

Now, how do you get at HailStorm? You get at HailStorm by providing your credentials. Our service for authenticating credentials is called Microsoft Passport. You provide the passport, and then your schema is available to you.

Take a look at that:

your schema is available to you.

Your schema, stored on Microsoft’s system, is made available to you for each Hailstorm service you consume.

Let’s not be naive here, there’s a corollary to this:

Microsoft’s system is made aware of each Hailstorm service you consume and can correlate it to your schema.

These services and transactions are getting extremely granular. You do some shopping around a few different sites for travel and car rental, there might be a separate Hailstorm service called and “credentialled” against your passport for each flight availability query, each booking, each access to add these to your schedule, each financial transaction, blah blah yadda yadda; technically, one hit for each SOAP remote procedure call.

And you thought doubleclick knew some serious shit about you. Passport’s current capabilities pale by comparison.

A perfect flesh-world analogy is the biggest and most unwittingly fallen-for privacy inveigling scheme on the planet – AirMiles. The more vendors that offer it, the more people use it, the more the AirMiles folks know about you, your spending habits, the minutiae of your grocery bill, ad infinitum. Then they take this information and not only aggregate it, but generate targeted mailing lists for their true customers, the corporate demographic-seekers.

Of course, I can control it. I tell the cashier at A&P that I don’t have a card even though I do. Fat lot of good it does, because my spouse may or may not present it everywhere outside of my control.

The kicker though, is that on the premise that it’s for your security, Microsoft and the vendors can and will require a Passport hit for each of these Hailstorm transactions. All of these hits will become fodder for the great demographic data mine that is the heart of Passport, available to the holder of the keys to the Passport vault to be correlated directly to your personal details.

Imagine if your bank, who has an intimate record of your entire financial transaction history, decided to sell this information to marketing houses. Holy sheeeeit, what a frickin ruckus would ensue. Bank privacy has years of history that ain’t getting swept away any time soon.

But we’re in a new era here. Online transactions change the way things are done. Those who have the power and presence to get in now can set precedence while there’s still a void of public perception, understanding, policy, privacy law, all that.

I think there needs to be someone who sees this big picture and is in a position to start building public policy. Maybe there is already, maybe there isn’t.

So you have the idea. I’m tired of typing.

… 10:30pm

Comments are closed.