It’s rather pleasing to see that ‘link rot’ and dead connections have been part of the internet ever since the start. As shown in RFC-315 reporting on a week’s worth of server status reports in February 1972, as read by Darius Kazemi. Of course the underlying notion of the internet as distributed system is that if a node fails, the rest can continue to work. This was fundamental to ARPANET. What’s pleasing to me is the fact that such robustness was needed from the start, that over half of servers could be ‘dead’ and the network still be seen to exist. That intermittence was not just a theoretical requirement but an every day aspect in practice. Intermittence has been on my mind a lot in the past few weeks.

Today in 1971, 48 years ago RFC-287 was published revising the Mail Box Protocol so that you can send messages to a mailbox at a different institution.

The potential utility for the mechanism was confirmed

Basically we’ve been struggling to get to inbox zero ever since. Of those 48 years, I’ve been using mail 30 years almost to the day. The RFC talks about sending messages directly to a printer, as well as to a computer to store. In the early days I would print messages that were sent to me (also so you could delete them from computer storage and especially from the shared mailbox I had on a system), and kept a binder with them. When that binder was full, and I realised what it would mean going forward, I stopped printing mail. It bemuses me how regularly corporate e-mail signatures still ask me to reconsider before printing an e-mail. Over a quarter century later!

I know about this and other RFCs (Request For Comments) because Darius Kazemi has a wonderful project this year, where he reads one RFC per day in chronological order and writes about it. It is an early internet archeology project slowly unfolding in my feed reader day by day, in honour of the 50th anniversary of the very first RFC on April 7th 1969. In these RFCs the early protocols are discussed and born that formed the internet. It is fascinating how some of the names of people coming up still are remembered, and others aren’t. And it has paths that lead to nowhere. It makes clear how so much of human achievement is iterative and incremental steps in the dark with people doing what seems plausible from their current standpoint.

Darius read this particular RFC on October 5th, and I wrote this posting October 8th, setting it to publish today November 17th at its 48th anniversary, with the same timestamp as the original from 1971.

Good catching up with you after too long Boris. Excited to hear about Fission. Later on was wondering how IPFS as starting point plays out with highly dynamic material (e.g. real time data sets), versus dat for such data sets. Pleasing to note our thinking since our joined session at BarCamp Brussels in 2006 has evolved along similar lines in the current timeframe, except you more on the tech side of things, and me on the change management side of it.

This is a somewhat worrying development: the entire .org registry of domain names has been sold to a private equity investor. That basically spells out just one way forward, extraction and rent-seeking. As this step immediately follows from ICANN lifting price increase caps in place earlier this year (against the advise of US competition authorities it appears), and the buyer is a newly established entity it seems to have but that purpose.

“Price hikes in 3, 2, 1, ….” seems to be the consensus.

As this site’s domain is part of the .org TLD (when I registered it in the spring of 2003, it was the one non-country TLD ‘zylstra’ was available for), I briefly looked into my options, to defend against price gouging. My domain name renews on May 3rd 2020, in just under 6 months time. I should be able to renew the domain 60 days before it expires, so by early March, in 4 months. Then I will be able to renew for a 5 year period at once. Which, if it precedes a price hike, means I get to buy myself a few years extra before needing to make a decision.

On a more fundamental level, I am surprised that maintaining a TLD domain name registry is entirely left to market forces by ICANN like that. For instance the Dutch national TLD registry is maintained by a non-profit foundation. Whoever runs a TLD registry has a monopoly by default and the costs of leaving for existing domain holders is very substantial. Combining that, monopoly and lock-in, with private investors whose first commandment is not maintaining the general public service that a domains registry (not: registrar) constitutes is worrisome. E.g. this site has been on this domain name for 16.5 years. This domain name is for all intents and purposes my online unique identifier, and I definitely use it as such. Now, for me personally, moving the entire thing isn’t extremely bothersome in itself. It would sadly cause a major chunk of link-rot, but moving it to e.g. zylstra.eu which I also have can be done without much consequence for myself should the costs of zylstra.org rise uncomfortably. It would however also mean moving my de-facto online identity, which is likely to cause confusion in my networks. That identity confusion, and brand damage will be of an entirely different level if you’re a very established NGO, brand or non-profit on a .org domain. E.g. the World Bank, WordPress or Wikipedia, which coincidentally spells WWW, also hosted on .org. Then leaving is much harder, and you’ll likely go with whatever pricing model gets introduced. If only for after a move someone else will pick your old high-recognition domain up for spoofing and phishing most likely, so you’ll stay put whatever the cost.

It smells like something that should be of interest to competition authorities everywhere.

Bookmarked Breaking: Private Equity company acquires .Org registry – Domain Name Wire | Domain Name News (Domain Name Wire | Domain Name News)

Ethos Capital, led by former ABRY Partners Managing Partner, buys .Org registry. I thought this might happen. And now it has. Fresh off ICANN’s blunder letting Public Interest Registry set whatever price it wants for .org domain names, Internet Society (ISOC) has sold the .org registry Public Interest Registry (PIR) to private equity company Ethos …

It seems sharing play-lists is no longer an innocent behaviour, nor is playing YouTube with the sound on in the presence of automated speech recognition like Google’s, Amazon’s and Apple’s cloud connected microphones in your living room. “CommanderSongs can be spread through Internet (e.g., YouTube) and radio.

The easiest mitigation of course is not having such microphones in your home in the first place. Another is running your own ASR with your 95% standard commands localized in the device. Edge first like Candle proposes, not cloud first.

Bookmarked CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition (arXiv.org)

The popularity of ASR (automatic speech recognition) systems, like Google Voice, Cortana, brings in security concerns, as demonstrated by recent attacks.
The impacts of such threats, however, are less clear, since they are either
less stealthy (producing noise-like voice commands) or requiring the physical
presence of an attack device (using ultrasound). In this paper, we demonstrate
that not only are more practical and surreptitious attacks feasible but they
can even be automatically constructed. Specifically, we find that the voice
commands can be stealthily embedded into songs, which, when played, can
effectively control the target system through ASR without being noticed. For
this purpose, we developed novel techniques that address a key technical
challenge: integrating the commands into a song in a way that can be
effectively recognized by ASR through the air, in the presence of background
noise, while not being detected by a human listener. Our research shows that
this can be done automatically against real world ASR applications. We also
demonstrate that such CommanderSongs can be spread through Internet (e.g.,
YouTube) and radio, potentially affecting millions of ASR users. We further
present a new mitigation technique that controls this threat.

Today 17 years ago, at 14:07, I published my first blog post, and some 2000 followed since then. Previously I kept a website that archive.org traces back to early 1998, which was the second incarnation of a static website from 1997 (Demon Internet, my first ISP other than my university, entered the Dutch market in November 1996, and I became their customer at the earliest opportunity. From the start they gave their customers a fixed IP address, allowing me to run my own server, next to the virtual server space they provided with a whopping 5MB of storage 😀 .) Maintaining a web presence for over 22 years is I think the longest continuous thing I’ve done during my life.

Last year I suggested to myself on my 16th bloggiversary to use this date yearly to reflect:

Last year the anniversary of this blog coincided with leaving Facebook and returning to writing in this space more. That certainly worked out. Maybe I should use this date to yearly reflect on how my online behaviours do or don’t aid my networked agency.

In the past 12 months I’ve certainly started to evangelise technology more again. ‘Again’ as I did that in the ’00s as well when I was promoting the use of social software (before it’s transformation into, todays mostly toxic, social media), for informal learning networks, knowledge management and professional development. My manifesto on Networked Agency from 2016, as presented at last year’s State of the Net, is the basis for that renewed effort. It’s not a promotion of tech for tech’s sake, as networked agency comes part and parcel with ethics by design, a perception of digital transformation as distributed digital transformation, and attention in general for how our digital tools are a reflection and extension of our human networks and human nature (when ‘smaller‘ and optionally networked for richer results).

Looking back 12 months I think I’ve succeeded in doing a few things on the level of my own behaviour, my company, my clients, and general communities and society. It’s all early beginnings, but a consistent effort of small things builds up over time steadily I suppose.

On a personal level I kept up the pace of my return to more intensive blogging two years ago, and did more to make my blog not only the nexus but also the starting point for most of my online material. (E.g. I now mostly send out Tweets and Toots from my blog directly). I also am slowly re-adopting and rebuilding my information strategies of old. More importantly I’m practicing more show and tell, of how I work with information. At the Crafting {a} Life unconference that Peter organised on Prince Edward Island in June I participated in three conversations on blogging that way. Peter’s obligation to explain is good guidance in general here.

For my company it means we’ve embarked on a path to more information security awareness, starting with information hygiene mostly. This includes avoiding silos where possible, and beginning the move to a self-hosted Slack-like environment and our own cloud. This is a reflection of my own path in this field since the spring of 2014, then inspired by Brenno de Winter and Arjen Kamphuis, whose disappearance a year ago made me more strongly realise the importance of paying lessons learned forward.

With clients I’ve put the ethics of working with data front and center, which includes earlier topics like privacy law, data sovereignty and procurement, but also builds on my company’s principle of always ensuring the involvement of all external stakeholders when it comes to figuring out the use and value of open government and open data. Some of that is awareness raising, some of that is ensuring small practical steps are taken. Our company is now building up a ‘holistic’ data governance program for clients that includes all this, not just the technical side of data governance.

On the community side several things I got myself involved in are tied to this.

As a board member of Open Nederland I help spread the word about how to allow others to make use of your work with Creative Commons licenses, such as at the recent Open Access Week organised by the Leeuwarden library. Agency and making, and especially the joy of finding (networked) agency through making, made possible by considered sharing, was also my message at the CoderDojo Conference Netherlands last weekend.

Here in the Netherlands I co-hosted two IndieWebCamps in Utrecht in April, and in Amsterdam in September (triggered by a visit to an IndieWebCamp in Germany a year ago). With my co-organiser Frank we’ve also launched a Meet-up around IndieWeb in the hope of more continuously engaging a more local group of participants.

I’ve also contributed to the Copenhagen 150 this year at Techfestival, which resulted in the TechPledge. Specifically I worked to get some version of being responsible for creating ongoing public debate around any tech you create in there, to make reflection integral to tech development. I took the TechPledge, and I ask you to do the same.

Another take-away from my participation in the Copenhagen 150, is to treat my involvement in the use and development of technology more deliberately as a political act in its own right. This allows me to feel a deeper connection I think between tech as extension of human reach and global topics that require a sense of urgency of humanity.

Here’s to another year of blogging, and, more importantly, reading your blog!