As We Age, Smartphones Don’t Make Us Stupid — They’re Our Saviors

Hits: 924

(Original posting date: 16 March 2015)

Throughout human history, pretty much every development or invention that increased our information storage and management capabilities has had its loud and voracious naysayers.

Around 370 BCE, both Socrates and Plato were already badmouthing the written word as inherently inferior to in-person verbal dialogue. The printing press, typewriter, telegraph, telephone, and Internet have all been targeted as the presumed bringers of universal intellectual decay.

So it comes as no surprise that when Web search engines appeared on the scene — to organize Internet-based information and make it widely available — much the same tired old attack arguments were trotted out by the usual suspects, in the form of multitudinous “Google Is making Us Stupid!” articles and similar varieties of vacuous commentaries.

The crux of most arguments against having quick access to information seem to largely parallel the attempts not that many years ago (and in some venues, still continuing) to routinely ban calculators from physics and other similar subject tests, on the grounds that not doing the math by hand was somehow — perhaps in a moral judgment “You’ll go to hell!” kind of sense — horribly cheating.

But unless the test you’re taking is specifically one for mathematical skills, the rote manual calculation process is practically worthless compared with developing the necessary skills to actually analyze a problem and determining appropriate methodologies for reaching correct answers. Even a specific answer itself may often be far less relevant in many contexts than development and analysis of appropriate problem solving processes.

One wonders how many potentially brilliant would-be physicists with wonderful analytic skills were sidelined into other professions simply due to not having a knack for manual math.

With the rise of the mobile Net comes the latest incarnation of this twisted saga, the “Are smartphones making us stupid?” meme. There seems to be a new version of this one somewhere pretty much every few days.

In a very real way the term “smartphone” in this context is being used by detractors largely as a proxy for saying “Portable Google” — as a wireless retread of search engine criticisms.

However, in this case the critics are even farther off the mark than usual, because smartphones not only don’t reduce our intelligence, they can be our saviors as we age.

Physiological studies show that our memory for much specific data usually begins to decline at the ripe old age of — 20. Yeah, pretty depressing. But in contrast, our reasoning and analytic skills can in many cases continue developing throughout our lives without limit, as we integrate ever more experiences into the mix.

And here is where the smartphone (along with the vast information ecosystem that supports it) really becomes something of a technological miracle.

For there on your belt or in your purse is a little box that can act as an almost limitless adjunct to your own memory, to your own brain.

Type on it, talk to it. Ask it questions, note its reminders. Smartphones can provide us with very much the exact kind of information that our brains gradually become less adept at recalling past age 20 or so.

To argue that it’s somehow wrong, somehow cheating or unethical or unnatural, to use these devices and their supporting infrastructures in this way, is itself as dumb and stupid as forcing a potentially brilliant future physicist to drop out of school because you wouldn’t let them use a calculator.

Obviously, for smartphones to be most useful at all ages, issues of accessibility become paramount — matters for ground-up consideration, not after-the-fact excuses. Input and output methodologies, font sizes and contrast, all become especially important, since our vision typically begins to decline at the same young age as our memory. These are all relatively straightforward user interface design issues though, given the will to deal with them appropriately.

It would probably be a pretty tough slog to get Plato comfortable with smartphones. On the other hand, he’s quoted as saying: “We can easily forgive a child who is afraid of the dark; the real tragedy of life is when men are afraid of the light.” And especially when it comes to smartphones and the immense value they can bring to us throughout our lives, only a fool would argue with Plato about that.

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.

Confirmed and Unacceptable: Social Security Administration Cutting Off Users Who Can’t Receive Text Messages

Hits: 11290

UPDATE (14 August 2016): I’m told that SSA has removed the mandatory cell phone text messaging access requirement that was strongly criticized in the original posting below. I appreciate that SSA has now done the right thing in this case. Perhaps in the future they’ll think these things through better ahead of time!

– – –

If you don’t have a cell phone, or some other means to receive SMS text messages (and have them enabled, and know how to deal with them), you won’t be able to access your Social Security Administration “My Social Security” online account starting next month.

The SSA is currently sending out emails announcing that SSA online users MUST receive an SMS text message with a two-factor authentication code to access their accounts starting in August.

UPDATE (29 July 2016): Here is the official SSA announcement.
UPDATE (14 August 2016): SSA has now deleted this referenced announcement page since they have removed the mandatory cell phone text messaging login requirement, as noted in the update at the start of this posting.

According to Congressional testimony in May, SSA “expects” to make other two-factor methods available at some point in the future.

While the “expectation” of additional two-factor options at some unspecified time down the line is interesting, the move to now block users who do not have cell phones, or text message capable cell phones, or do not have text messaging enabled, or do not know how to access and read text messages — IS UNACCEPTABLE, especially on such short notice to SSA users.

Two-factor authentication systems are very important, but keep in mind that SSA by definition is dealing mostly with older users who may have only recently become comfortable with online services, and may not make any use of text messaging. Many do not have cell phones or somebody to receive text messages for them. There are also many people living in rural areas where cell phone service simply is not available at all!

Additionally — and ironically — text messaging is considered to be a substandard means of receiving two-factor authentications. And — get this boys and girls — NIST (the USA’s National Institute of Standards and Technology) — just a few days ago officially declared that text messaging based two-factor should no longer be used at all — it’s simply not safe and secure. The possibility of crooks leveraging this SSA text messaging system with fake messages targeting this particularly vulnerable user population is also very real.

It appears that SSA has really mucked this one up. This isn’t secure two-factor, it’s a three-ring circus. And it’s going to leave many SSA users out in the cold.

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.

How Some ISPs Could Subvert Your Local Network Security

Hits: 1295

When most Internet users think about the security and privacy of their communications, they tend to think mainly about the associated practices of the sites they visit on the Net. Rarely do they think much about their ISPs in this regard, even though by definition the ISP has access to the entirely of their communications usage over that ISP (we can assume that in most cases this does not include the ability to read encrypted, e.g. SSL/TLS data, though man-in-the-middle attacks on that secured data are not at all impossible).

But have you ever thought about how the practices of your ISP might affect the security of your local network — and data that (at least ostensibly) never leaves the confines of your local net?

Though best security practices include running your own routers and firewalls (if not even more secure systems using FIDO security keys or other similar advanced technologies) the truth is that most consumer and small business users who run local nets (that is, communications between some number of local machines at their site or sites) depend on the firewalls and security mechanisms configured into ISP-provided modems.

The thing is that you’re often not the only one in control of those modems.

Leased cable or other wireless or wireline data modems typically provide the ability for the ISP to control and configure the modem remotely. Even if you buy an approved modem on your own when that’s permitted, network provisioning and maintenance/support requirements may still permit your ISP a great deal of control over the device.

Another truth is that most consumers and organizations tend to run rather lax security (if any at all) behind what they assume to be secure modem firewalls, meaning that if that firewall is breached, their local net is pretty much wide open.

In an ideal world, we could all employ methodologies similar to Google’s excellent BeyondCorp security model, which puts a well-deserved nail in the coffin of firewalls. Unfortunately, this usually isn’t practical for most non-techie consumers.

Fundamentally, the question boils down to this — can your ISP remotely change modem configurations that could give them or third parties inappropriate access to data on your local network?

For example, some ISPs now provide the means for customers to reconfigure the Wi-Fi on their modems via the ISP’s website. In the case of Time Warner Cable (aka Charter, Spectrum, or whatever they’re called this week), their site allows users to view and change Wi-Fi passwords, change or even disable Wi-Fi security completely, and more.

Handy? Yeah. But what happens if TWC’s super-deluxe website gets hacked? Or perhaps law enforcement or intel agencies come around and want to use loopholes in the laws to try access your local network data without your even knowing about it?

You can see the problem. If your local net has typically lax security, and you don’t have your own firewall downstream of that ISP modem, the modem Wi-Fi security could be disabled remotely, your local network sucked dry late one night, and security restored by the morning. You might not even have a clue that any of this occurred.

How often does this kind of scenario occur in practice? I have no way to know. But it’s clearly possible.

Luckily, this is a case where there are steps you definitely can take to minimize these risks.

First, make sure that your local network is internally as secure as possible. You can’t simply assume that just because a machine is on your local network with a local IP address that it necessarily is a friend!

Second, consider putting your own firewall downstream of the ISP modem. Routers/switches with this capability are plentiful and relatively inexpensive.

Third, consider not using the ISP modem Wi-Fi at all. Those routers I mentioned just above often have their own built-in Wi-Fi that you can configure, making it unnecessary to use the ISP modem Wi-Fi, and permitting a more comprehensive firewall under your complete control.

I’m not suggesting that you go into a panic and start ripping Ethernet cables out of the walls or cease using Wi-Fi. But it would be wise to start thinking now about how you can reconfigure your local network for maximal security in a world of expanding network security concerns.

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.

The Sensible Safeguards Needed Now for Pokémon GO

Hits: 585

Unless Pokémon GO turns out to be a relatively short-lived popular phenomenon (and actually even if it is, since PoGo will be but the progenitor of many future augmented reality games and other applications) it appears likely that the full real world impacts of the game were seemingly not completely considered before launch, leading to a growing collection of alarming situations.

There were signs of some sloppiness from the outset, when it was noted that the PoGo iOS app was asking for far more account permissions than was appropriate. The actual privacy risk in this case was minimal, but the mere fact that the app got out the door this way — given the intense concerns about app permissions generally — suggested a possible lack of due diligence in key respects.

While various of the problematic reports we’ve seen about PoGo can be chalked up to user inattention (plowing a car into a tree, driving off a cliff, etc.), many others cannot be blamed on the users alone, per se.

To note but a sampling, these include PoGo being used to attract players to be robbed, a registered sex offender who was supposed to stay away from children using the game to partner with a young child, and very recently, two players who were shot at by a homeowner when they were prowling a residential neighborhood at 1 AM. An array of other trespass-related occurrences have been noted, including players entering restricted areas at a nuclear power plant.

Of broader impact is the swarming of neighborhoods, parks, and other public places by far larger numbers of people than they were designed for — or that local authorities are prepared for — at all hours of the day and night. There are serious public safety concerns involved.

Such gaming activities become especially inappropriate when they occur at locations that are utterly unsuitable for gaming, like ordinarily quiet and respectful cemeteries and Holocaust museums.

Fans of PoGo enthusiastically declare that it’s a great way to meet new people and get exercise. Perhaps. In some locales at least, it seems that players are mostly driving around in their cars to reach designated targets, but we’ll let that pass for the moment.

One suspicion that’s difficult to shake is that seemingly there wasn’t much (if any?) attention given to purging inappropriate locations from PoGo’s ancestor game — Ingress — before deploying them in PoGo. The need for such a purge should have been obvious, given that PoGo would have been reasonably expected to attract far more users than Ingress (as it indeed dramatically has) and would also be far more attractive to children.

Historical side note: Ingress was originally developed at Google (in fact, I was one of its earliest players, I believe while it was still in beta), then spun off to a separate company — Niantic — in which Google holds a major stake.

As I noted above, PoGo is but the beginning of what will certainly be a long line of innovative and important augmented reality mobile apps. And that makes getting the real world implications of this tech in line with real world requirements and impacts as quickly as possible — without stifling innovation.

The most important requirement is to give more control to municipalities and persons who are impacted by these applications and their users.

For example, it doesn’t exactly take rocket science to figure out that sending users wandering around quiet residential areas in the middle of the night is a recipe for potentially dangerous (even lethal) confusion and confrontations, or that flooding a small park with thousands of people at once — without prior warning to local authorities — can easily lead to serious problems.

Niantic needs to immediately work toward providing much better mechanisms for involved homeowners, business owners, municipalities, and other associated entities, to request removal of specific locations from the PoGo location database (much as you can request removal of locations from Google Street View currently). And there should be ways to specify PoGo app operation “curfews” for specific locales as well — especially in residential neighborhoods, or areas with special concerns about the safety of late night visitors.

It is also crucial that accessing this kind of request/control system not require use of the PoGo app itself, nor ideally use of the Internet in any way — given that many affected persons may not even have Internet access. 

Obviously, different areas, regions, and countries will have their own individual attitudes and concerns about participation in the PoGo ecosystem, and we can reasonably expect the sorts of location removal and/or Pogo app curfew requests received to vary widely around the globe.

But it is not appropriate for these decisions to be made wholly by Niantic alone. And unless they and we get a handle on the real world impacts of augmented reality apps in short order, you can be sure that politicians — already expressing concerns about this area — will be moving in with their own “control ideas” — that will likely not be of the form that many of us would want, nor that would protect innovation going forward.

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.

The Coming Government Showdown over Live Video Streaming

Hits: 383

Over the last few days, we’ve dramatically seen the force of Internet live video streaming, and the obvious hints of policy battles to come regarding this powerful technology are clearly emerging.

Beyond the tragic images of a man shot to death by police in his car, and then live scenes of a sniper in Dallas who ultimately killed five officers, we’ve already seen other ugly shadows of what might become the new normal, including a streamed rape and suicide — both streamed by the perpetrators themselves for maximal publicity.

And yes, this is only the beginning. For while it has been possible to stream live video from portable devices since years ago, only now has the concept reached a critical mass, an “inflection” point where it is likely to have enormous impact on society at large.

While most of the attention to date has been on Facebook’s video streaming app, Google and other firms also have live streaming services, and that number can only be expected to grow for the foreseeable future, around the world.

Notably, these streaming systems typically include the means for viewers to comment live back to the video originators during the streams themselves, to do everything from expressing admiration or condemnation, to “simply” urging them on.

The positive public interest and probative value in the streaming of many public events is fairly obvious in most cases.

But even in the public space the associated dilemmas are vast.

Unfortunately, large audiences can bring out the worst in some people, and there is an enormous range of potential abuse for this technology in an ecosystem of unfiltered live streaming — in terms of risk-taking behavior to please your streaming audience, encouraging violence (either explicitly or implicitly), privacy attacks, and other abuses.

Even when no harm is actually intended, the mere fact of a live streamed dramatic event with a significant viewership will in some situations lead to potentially dangerous “flash crowds” as nearby viewers rush to participate in person.

And while these risks exist aplenty even with streaming from public places, the potential problems likely multiple by orders of magnitude when we consider live video streaming from private homes or businesses, perhaps by surreptitious means.

The bottom line is that live video streaming is a quintessential tool. It can be used for enormous good that could greatly enhance public knowledge and participatory democracy. It can also provide a morbid audience and incentive for hideous monsters (including both individuals and groups) whose real world streamed depravities could make fictional “torture porn” films pale by comparison.

So we find ourselves facing a familiar dilemma. If live video streaming firms don’t do the hard policy work required to provide reasonable controls over and filtering of this content, we can be sure that governments around the world — both of their own volition and pressured by their citizens — will move forcefully to enact control and censorship regimes to meet their perceived agendas.

And history tells us that once that kind of censorship takes hold, it’s extremely difficult to stop from spreading in all directions.

This makes it more imperative than ever that we move forward toward establishing best practices and policies to harness this uber-powerful technology in a reasonable manner, before governments move in with possibly knee-jerk “solutions” that will almost certainly make matters worse, not better.

I don’t claim to have any magic wands available for addressing these complicated issues, though my gut feeling is that we should be able to harness the enormous crowdsourcing power of the Net to rapidly categorize streams in real time and trigger filtering or other actions as appropriate.

But just sitting on our hands about this is not a viable option. That is, unless our goal is to see an incredibly useful technology being branded as “the enemy” just as it’s really beginning to flower.

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.