[edited for clarity 1/25/2010:] Google’s tracking of everything you search — and like — on the internet is only marginally less scary than Facebook’s harvesting of your personal data for commercial use . It’s a bit like having someone following you around town from the moment you step out of your house in the morning, and taking notes on everything you look at, intract with, purchase, etc. At the of the day that person sells that information to the highest bidding advertisement/marketing agency, or straight to WalMart. They keep records of it too for data mining at a later date (up to 9 months). During that time there is no saying that the government cannot ask for full access to these archives. And much scarier in fact, there is no saying who might be able to hack their way into these archives.

And why not? I have nothing to hide. Still, better safe than sorry. What I don’t feel the need to hide today may become something worth keeping private tomorrow, if the political or social or economic landscape changes a lot. [added 1/25/2010: ] as recently written in a CNN opinion piece: “it’s bad civic hygiene to build technologies that could someday be used to facilitate a police state” (or organized crime).

In short, I don’t believe one minute that Google has malevolent intentions, but I do very much say that they are reckless in aggregating and therefore exposing to misuse so much of our personal information. Similarly I don’t see today’s Western governments as major threats to my liberties, but (1) that could change and (2) other governments or movements could target my private info (c.f. China targets foreign supporters of civil liberties in China — just google “chinese government hacked gmail accounts” for more details..

So I say, let Google ask: Where have you been?

They don’t need to know. I’m going to try out this GoogleSharing.net thing.

If you want to do the same, log in to your facebook account and then go straight to http://www.facebook.com/help/contact.php?show_form=delete_account

It’s too bad because some of it was pretty useful indeed. I like the service, but I cannot use it in a way that I find satisfactory for my need for privacy.

Without saying so, Google is implying that the Chinese government may have been trying to hack the GMail accounts of human rights activists and their supporters in China and abroad. That, along with the censorship imposed by the post-communist government, is the moral high-ground on which Google stands.

Beyond the moral reasoning, there is a strong business motivation for Google to play hard ball with the Chinese government. Google’s core business model is compatible with neither censorship nor lack of privacy. Censorship undermines the perceived value of its search product, which it uses to collect data. And lack of privacy reminds people that Google holds a *lot* of their personal data in a form that can readily be mined, and that even if Google’s primary use of it is relatively benevolent (ad targeting), there still is a huge risk to the user: plain old Orwellian 1984-ism.

While these two reasons would not be strong enough motivation for most users to ditch Google and its brethren (in favor of what?), they might provide the basis for legal or government-level action in the US, Canada and the EU aimed at more strictly regulating Google’s main business activity — the aggregation of personal data for the purpose of targeting ads.

That could be the real threat perceived by Google.

There is a very similar initiative at Microsoft: websandbox at Microsoft livelabs. I have no idea if these are one and the same initiatives, or competitors, or somewhere in the middle.

My prediction is that beyond mashups and many other fantastic applications, this kind of technology will at last make the Semantic Web a reality. Why? because now data and its closely associated code (just like an object in OOP) can safely travel together from any source to any web application. The code is what gives the data some meaning even when the “mashup” does not know the semantics.  As long as we can apply this idea to as *small* a piece of data as we (architects and developers) want, we can build web 3.0.

As a result of this new technology, expect the start of a very dynamic phase of web 2.0 advances.

Read the OpenAjax Hub 2.0 Specification here.

It’s clear that nobody reads or understands terms-of-use and privacy agreements; so there’s something unfair in pretending that we freely gave up our provate information when we just can’t know how it will be used.

Expected show-time is about a year from now when either a consensus has been reached with the industry, or the Bureau of Consumer Protection has had enough and goes on a crusade.

Along with the overhaul of the patent system as it applies to software and business processes, this promises to bring order to the gold rush that the collection and trading of personal data has become.

President Obama Announces Intent to Nominate David Kappos as Patent and Trademark Director [1]

Kappos is IBM’s main intellectual property counsel, and he has been a strong advocate for open-source. One of his tasks at the United States Patents and Trademarks Office (USPTO) would be to make this dinosaur speedier. Which means you might at last be able to get a patent while it’s still relevant to your business.

More importantly, David Kappos has been a key guy implementing IBM’s latest patent strategy which goes by the following rules [2]:

• Patent applicants are responsible for the quality and clarity of their patent applications.

• Patent applications should be available for public examination.

• Patent ownership should be transparent and easily discernable.

• Pure business methods without technical merit should not be patentable.

These rules are more restrictive than US patent laws, especially the way that the USPTO currently enforces them, and we can imagine that Kappos is being chosen for the Patent Office in part because of this slant.

This comes at a time when an entire set of dubious patent-related practices are being methodically dismantled by the Supreme Court and the USPTO. [3], [4], [5] and [6].

Not least of which being the questionable practice of granting patents on “business methods”. [8]

All in all I like the whole trend. As much as it is incredibly easy to “invent” new software, right now it is inversely difficult to protect one’s inventions because of the huge expenses. Throwing $10,000 at your attorney doesn’t buy you much protection; $100,000 is more like it for a coherent set of patents worth building a business on, and that’s without the potential cost of litigation when Amazon takes notice. Even without seeking to aggressively protect your ideas, if you’re not a big player with a big patent portfolio, a big legal team and a big bank account, you still don’t dare invent and implement anything too ambitious for fear of getting sued. In this environment, to a small software developer, too much success equals danger.

A shift away from patents and toward open-source (and trade-secrets) will give smaller, more nimble inventors much better chances. And you just watch the impact it will have. Big companies will be busy productizing ideas, inventions, frameworks and other pieces of code small and big generated as much by their own engineers as by the rest of the community. Inventors will be able to get a return on their “ideas” not by patenting and licensing them, but by making specialized, high value-add products based on their own open-sourced ideas, without fear of unwittingly infringing IBM’s (or Amazon’s or Google’s) patents. Of course we all know the trend has been here for years (Linux, Apache..) but look for the next generation of web “inventions”, call it Web 3.0, to exist in a world very different from Web 2.0. A much friendlier world. And as a result, look for more disruptive technologies coming out of unforeseen places. Just like HTML and HTTP came out of…. the CERN!!?

Well that’s the future I am hoping for anyway, because I have a lot riding on it.

However recently Apple has rejected a number of phonegap-based apps — see Mike Nachbaur’s blog — needless to say we are concerned, and the phonegap people (developers and users alike) are bordering on outraged, and certainly scared. Mike Nachbaur did the right thing and sent Apple a politely written open letter, which they acknolwegded but apparently have not responded to yet.

Ajaxian complained, and ReadWriteWeb offered some potential reasons for Apple to be rejecting phonegap apps. Not least of which being that Apple may want to make cross-platform development more difficult than it has to be.

To us at Logimake this may mean the following:

1. Because our time spent learning and developing for the iPhone will not easily benefit our strategy on other mobile platforms, we will have to spend more time right now on Android and Blackberry (using phonegap, perhaps), to compensate for the loss of synergy
2. Because it is still not clear yet whether the iPhone will become a serious player in the enterprise, that loss of synergy is making it doubly imperative to develop on a Blackberry-enabled platform like phonegap. 

Apple’s forte on the iPhone is in consumer apps, and it has lots to prove in enterprise apps — and integration. By keeping cross-platform frameworks, and hence applications, at bay, Apple may be reducing its own potential success in the enterprise.

We are eagerly waiting any news from Mike or Apple.

Since I started this blog a little over a month ago, it has had around 700 page views (not big by blogging standards, but still nice), 800 ad impressions, and 2 clicks. Those 2 clicks earned me very very close to $0, as close as you can possibly get and call it revenue (take a wild guess what that $ amount was). On top of it, these clicks happened on the very day I put the blog online — so it’s clear that was me clicking.

Let’s look at all the cons of having Google Ads on my blog. (1) I generated exactly $0 of cash from them, (2) it took me time to set up, (3) it eats up prime real estate on my pages, (4) it cheapens my content,  and (5) the ads are not even useful to my readers — they don’t click on them as I’ve discovered, and frankly, I don’t blame them.

Therefore, I will use the real estate for something else, and I will “monetize” my blog in a different way; in the same way as I do every “side” conversation I have with clients, sub-contractors, colleagues: in completely unforeseen and un-quantifiable ways.

In reality, like most bloggers, I write this blog in the first place because it forces me to identify and organize “nuggets” of information that I come across or generate. Second, I write it, again like most bloggers, in the spirit of participating in my professional community.

Making a few cents or dollars, as a third-rank motivation, is not worth the real-estate that Google Ads consume.

Instead I can strengthen the “message” of my blog pages quite a bit by making good use of that real estate; something much more interesting than ads. I am thinking of content that tries to convey ideas that are less transient in nature than the blog posts, in a way that is more compelling than a blogroll, and not hidden in a secondary page. For now, I’ll just post ads of my own making. Ha!

So… I am saying “Bye Bye Google AdSense, it was nice knowing you”.

(lingering fear: will this affect my google search Page Rank negatively?)

In my opinion the first thing software makers should invest in to reduce the number of vulnerabilities, is more code reviews focused on security. Senior engineers are ‘gatekeepers’; they need to be held accountable (within their own company, not publicly) if their team releases flaws whih could have been prevented.

A second one is more testing. Hackers are able to find vulnerabilities, so software makers can too! Software makers have the (dis)advantage of knowing how the software is built, which gives them the ability to model vulnerabilities, and then test for them. It’s in great part a matter of having test engineers spend time on the problem.

But since this is all being done already, yet obviously not well enough, I think what we need to do is to re-inject a bit of good old TQM into the whole process.

It’s an economic problem more than anything. A bit like the fight against terrorism; it’s way more expensive to prevent it than it is to commit an act of terrorism.